Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by D (25-08-2017 19:32:45)
Running from C:\Users\D\Downloads
Windows 10 Home Version 1703 (X64) (2017-06-05 08:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2847175294-2144517108-672257983-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2847175294-2144517108-672257983-503 - Limited - Disabled)
D (S-1-5-21-2847175294-2144517108-672257983-1001 - Administrator - Enabled) => C:\Users\D
Guest (S-1-5-21-2847175294-2144517108-672257983-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes verze 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2847175294-2144517108-672257983-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2847175294-2144517108-672257983-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A64EE8B-0D8E-4970-B5D2-3436D2A107C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0B24D119-D523-47AF-B70F-0E97D35B486D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {0B26FB7D-D70E-45EA-9FBF-02D6A7421CC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCEE4CC-708C-4D0E-BFFC-2DA4B24F34AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {12AD05B6-542A-436E-AD90-4F0B6509FE86} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {1FBE0EB0-449B-4E33-B6BC-58126DDDEEC8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {281E5D3D-A8EA-462C-890A-E2123AA1E3E8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37565A9A-6127-46A9-A250-659217D3D093} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {4660F5D9-B8C2-4407-9FB7-308504B9C9E5} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {52DED86A-A9F2-401D-B5DC-FA17F6A5A7F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5ACF9C12-1456-4DF0-814B-EEC943A45C9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77144E4D-4DA2-4DA0-B8BB-B5591705217E} - System32\Tasks\SafeZone scheduled Autoupdate 1503494728 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {8066E67C-AEE4-457C-B67B-92E0E0888531} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {93B63DEA-94A8-4B4D-925A-90BDDB576103} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {97854C4F-2F61-44B8-8F59-169FDFDB4F6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {99E18690-4F72-42F1-907E-347F6BF37CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {AFFC075F-440B-4FC7-9BA6-1CAE418557B3} - \WPD\SqmUpload_S-1-5-21-2847175294-2144517108-672257983-1001 -> No File <==== ATTENTION
Task: {B992AE0A-B8B1-4EA4-89B4-388BEA26D005} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C4C3A75C-39E2-4A72-B2B6-BACB1B88F0E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-23] (AVAST Software)
Task: {C95C7150-8604-467C-918C-D3A34EC90BF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {D6CF6EC6-946A-40C1-B169-11BF42209E69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D78C7AD9-AA03-4211-B61A-DD20843F366E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DE46A686-CC18-446E-9B1B-EAD9DEEABC3E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E519DAB2-CBF7-485C-AC09-7D0207B24ECE} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {ECEA0093-A27B-4402-B0F8-DECA5174E8C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {F00CCDE9-D0C0-496B-8552-EA94FFAD9AF4} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {F07B3A26-5296-48E2-9B7E-2FEEF2D830E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {FE800A35-99BA-4E1F-8019-D8496E13CF23} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-11-08 00:22 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-08-23 18:52 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-08-24 18:22 - 2017-08-24 18:22 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-11-07 23:38 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-08 00:34 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2016-09-28 18:25 - 2016-09-28 18:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-08 00:28 - 2014-11-08 00:28 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2017-08-23 15:19 - 2017-08-23 15:19 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-23 15:19 - 2017-08-23 15:19 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
Prosím o kontrolu Vyřešeno
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2017-08-24 17:26 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\D\Desktop\finding_dory_4k-wide.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5AA270C5-3D0B-44CA-A65E-2E895FE7BD7E}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{153E6D53-9FAC-49CE-824A-0092C14CD75D}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{E30257D7-62E6-4860-BA99-F321A74A3FAC}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{38B950B9-976E-400E-824A-C0474C626A36}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{4C525932-F5D2-4C69-9243-918CE6DEA145}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{C23DC9DD-6755-461E-936F-DC2BE5149350}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{82E3B106-1FE4-40D2-865A-88F9283CEA86}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{AF15808C-3B08-4306-B062-A49D4BE61A86}] => (Allow) LPort=55100
FirewallRules: [{3BF3B447-BBB6-4FD1-AA9C-D5F41024BA73}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{5F1F4303-4AB0-4875-9345-EC4AC5EEE682}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{5F9B02C4-B80E-4A51-9DA3-2CE31ED01AE8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4AEE3CCC-EF77-4D02-BE5A-59A81824F03B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{52A2A660-A271-4A95-8830-74675E3ABA3E}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BA9DCE2-5F91-4E39-8E5C-782FC1A6BC1C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{084EDE70-F2F8-46AB-9EE7-51ED4F17B053}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{05DCE3C5-A96E-49EE-B2D4-7AB1DE7CE2D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8D174C20-7771-4E6B-8666-63F848E4C99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B3BDFA99-90E1-4D25-A90C-80E4429950C6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{FD33B9D4-3289-4304-9326-FB0CE712B3FD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
13-06-2017 20:20:35 Windows Update
12-07-2017 20:29:10 Windows Update
08-08-2017 20:18:59 Windows Update
08-08-2017 20:20:19 Windows Update
23-08-2017 20:01:39 JRT Pre-Junkware Removal
23-08-2017 20:02:54 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/25/2017 07:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.8.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1a08
Čas spuštění: 01d31dc7aca8144f
Čas ukončení: 24
Cesta k aplikaci: C:\Users\D\Downloads\FRST64.exe
ID hlášení: cb56bf2e-f5da-46c9-9a91-73192a1f04b6
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/25/2017 07:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/24/2017 06:16:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (08/24/2017 06:16:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/23/2017 10:12:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: D)
Description: Balíček Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (08/23/2017 09:30:36 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
System errors:
=============
Error: (08/25/2017 07:24:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_2e2c7 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/25/2017 07:24:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/25/2017 07:23:36 PM) (Source: DCOM) (EventID: 10010) (User: DENISA)
Description: Server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/25/2017 07:03:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_586588 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/25/2017 04:13:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_4a2d7d byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/24/2017 06:15:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_3cc54 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/24/2017 06:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/24/2017 06:02:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (08/24/2017 06:02:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (08/24/2017 06:02:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2017-08-23 20:23:49.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-08-23 20:23:49.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 45%
Total physical RAM: 3979.21 MB
Available physical RAM: 2155.52 MB
Total Virtual: 4683.21 MB
Available Virtual: 2843.68 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:375.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76838BC9)
Partition: GPT.
==================== End of Addition.txt ============================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2017-08-24 17:26 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\D\Desktop\finding_dory_4k-wide.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5AA270C5-3D0B-44CA-A65E-2E895FE7BD7E}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{153E6D53-9FAC-49CE-824A-0092C14CD75D}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{E30257D7-62E6-4860-BA99-F321A74A3FAC}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{38B950B9-976E-400E-824A-C0474C626A36}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{4C525932-F5D2-4C69-9243-918CE6DEA145}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{C23DC9DD-6755-461E-936F-DC2BE5149350}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{82E3B106-1FE4-40D2-865A-88F9283CEA86}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{AF15808C-3B08-4306-B062-A49D4BE61A86}] => (Allow) LPort=55100
FirewallRules: [{3BF3B447-BBB6-4FD1-AA9C-D5F41024BA73}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{5F1F4303-4AB0-4875-9345-EC4AC5EEE682}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{5F9B02C4-B80E-4A51-9DA3-2CE31ED01AE8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4AEE3CCC-EF77-4D02-BE5A-59A81824F03B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{52A2A660-A271-4A95-8830-74675E3ABA3E}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BA9DCE2-5F91-4E39-8E5C-782FC1A6BC1C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{084EDE70-F2F8-46AB-9EE7-51ED4F17B053}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{05DCE3C5-A96E-49EE-B2D4-7AB1DE7CE2D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8D174C20-7771-4E6B-8666-63F848E4C99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B3BDFA99-90E1-4D25-A90C-80E4429950C6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{FD33B9D4-3289-4304-9326-FB0CE712B3FD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
13-06-2017 20:20:35 Windows Update
12-07-2017 20:29:10 Windows Update
08-08-2017 20:18:59 Windows Update
08-08-2017 20:20:19 Windows Update
23-08-2017 20:01:39 JRT Pre-Junkware Removal
23-08-2017 20:02:54 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/25/2017 07:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.8.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1a08
Čas spuštění: 01d31dc7aca8144f
Čas ukončení: 24
Cesta k aplikaci: C:\Users\D\Downloads\FRST64.exe
ID hlášení: cb56bf2e-f5da-46c9-9a91-73192a1f04b6
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/25/2017 07:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/24/2017 06:16:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (08/24/2017 06:16:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/23/2017 10:12:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: D)
Description: Balíček Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (08/23/2017 09:30:36 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
System errors:
=============
Error: (08/25/2017 07:24:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_2e2c7 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/25/2017 07:24:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/25/2017 07:23:36 PM) (Source: DCOM) (EventID: 10010) (User: DENISA)
Description: Server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/25/2017 07:03:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_586588 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/25/2017 04:13:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_4a2d7d byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/24/2017 06:15:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_3cc54 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/24/2017 06:14:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/24/2017 06:02:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (08/24/2017 06:02:50 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (08/24/2017 06:02:49 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2017-08-23 20:23:49.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-08-23 20:23:49.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 45%
Total physical RAM: 3979.21 MB
Available physical RAM: 2155.52 MB
Total Virtual: 4683.21 MB
Available Virtual: 2843.68 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:375.69 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76838BC9)
Partition: GPT.
==================== End of Addition.txt ============================
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
Dobrý den, šlo by prosím nějak zjistit, jestli se mi někdo někdy nabourával přes tu webkameru?
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Zkusíme..
Vlož nový log z HJT
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Vlož nový log z HJT
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
Myslím, že jsem z tohoto programu vkládala logy včera i z HJT, jen nevím jestli jsem stáhla správně verzi 64bit
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Omlouvám se..
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} -- trvale u něj vypni rez. ochranu.
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
IGFXDEV:
https://www.bleepingcomputer.com/startu ... 16164.html
možná by to chtělo přeinstalovat grafiku.
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Kód: Vybrat vše
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} -- trvale u něj vypni rez. ochranu.
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1419225695-3128108849-3814843768-1006 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1419225695-3128108849-3814843768-1006 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1419225695-3128108849-3814843768-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0A64EE8B-0D8E-4970-B5D2-3436D2A107C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0B24D119-D523-47AF-B70F-0E97D35B486D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {0B26FB7D-D70E-45EA-9FBF-02D6A7421CC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCEE4CC-708C-4D0E-BFFC-2DA4B24F34AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {52DED86A-A9F2-401D-B5DC-FA17F6A5A7F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5ACF9C12-1456-4DF0-814B-EEC943A45C9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {93B63DEA-94A8-4B4D-925A-90BDDB576103} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {97854C4F-2F61-44B8-8F59-169FDFDB4F6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {99E18690-4F72-42F1-907E-347F6BF37CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {AFFC075F-440B-4FC7-9BA6-1CAE418557B3} - \WPD\SqmUpload_S-1-5-21-2847175294-2144517108-672257983-1001 -> No File <==== ATTENTION
Task: {B992AE0A-B8B1-4EA4-89B4-388BEA26D005} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C95C7150-8604-467C-918C-D3A34EC90BF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {D6CF6EC6-946A-40C1-B169-11BF42209E69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D78C7AD9-AA03-4211-B61A-DD20843F366E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DE46A686-CC18-446E-9B1B-EAD9DEEABC3E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F07B3A26-5296-48E2-9B7E-2FEEF2D830E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
EmptyTemp:
End(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
IGFXDEV:
https://www.bleepingcomputer.com/startu ... 16164.html
možná by to chtělo přeinstalovat grafiku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by D (administrator) on D (28-08-2017 11:03:00)
Running from C:\Users\D\Downloads
Loaded Profiles: D (Available Profiles: D)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Users\D\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Users\D\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3814624 2016-09-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-08] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-23] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{201a396c-6897-4e1e-9181-3a9b9d1a22b0}: [DhcpNameServer] 150.204.1.2
Tcpip\..\Interfaces\{7c3b6b5f-5222-4650-8dc6-cc0d725bd66d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\D\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (Prezentace Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-24]
CHR Extension: (Dokumenty Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-24]
CHR Extension: (Disk Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (YouTube) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (Avast SafePrice) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-25]
CHR Extension: (Tabulky Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-24]
CHR Extension: (Avast Online Security) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-24]
CHR Profile: C:\Users\D\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-23] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-23] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [143584 2016-09-21] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328616 2015-09-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-08] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-08] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-08] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-23] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-23] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-23] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-23] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-23] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-08-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-23] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-23] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-21] ()
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41040 2016-09-21] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-08-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-08-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-08-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-08-28] (Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-08-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-08-24] (Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
Ran by D (administrator) on D (28-08-2017 11:03:00)
Running from C:\Users\D\Downloads
Loaded Profiles: D (Available Profiles: D)
Platform: Windows 10 Home Version 1703 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation) C:\Users\D\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Users\D\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3814624 2016-09-21] (ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-08] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-23] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{201a396c-6897-4e1e-9181-3a9b9d1a22b0}: [DhcpNameServer] 150.204.1.2
Tcpip\..\Interfaces\{7c3b6b5f-5222-4650-8dc6-cc0d725bd66d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2847175294-2144517108-672257983-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\D\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (Prezentace Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-24]
CHR Extension: (Dokumenty Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-24]
CHR Extension: (Disk Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-24]
CHR Extension: (YouTube) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-24]
CHR Extension: (Avast SafePrice) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-25]
CHR Extension: (Tabulky Google) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-24]
CHR Extension: (Avast Online Security) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\D\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-24]
CHR Profile: C:\Users\D\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-23] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-23] (AVAST Software)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [143584 2016-09-21] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328616 2015-09-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-08] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-08] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-08] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-08-23] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-08-23] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-08-23] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-08-23] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-08-23] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-08-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-08-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-08-23] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-08-23] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-08-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-08-23] (AVAST Software)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-21] ()
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41040 2016-09-21] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-08-23] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-08-28] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-08-28] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-08-28] (Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [82072 2015-09-23] (McAfee, Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-08-24] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-08-24] (Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
2017-08-28 11:03 - 2017-08-28 11:03 - 000015665 _____ C:\Users\D\Downloads\FRST.txt
2017-08-28 10:52 - 2017-08-28 10:52 - 000003954 _____ C:\Users\D\Desktop\fixlist.txt.txt
2017-08-28 10:49 - 2017-08-28 10:49 - 000000000 ___HD C:\OneDriveTemp
2017-08-25 19:29 - 2017-08-28 11:03 - 000000000 ____D C:\FRST
2017-08-25 19:29 - 2017-08-25 19:29 - 000000000 ____D C:\Users\D\AppData\Local\DBG
2017-08-25 19:27 - 2017-08-25 19:27 - 002395648 _____ (Farbar) C:\Users\D\Downloads\FRST64.exe
2017-08-25 19:17 - 2017-08-28 10:45 - 000000000 ____D C:\Users\D\Downloads\backups
2017-08-25 19:12 - 2017-08-25 19:12 - 000000000 ____D C:\Users\D\AppData\Local\NetworkTiles
2017-08-24 18:22 - 2017-08-28 11:03 - 000072942 _____ C:\WINDOWS\ZAM.krnl.trace
2017-08-24 18:22 - 2017-08-28 11:03 - 000041045 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-08-24 18:22 - 2017-08-24 18:22 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-08-24 18:22 - 2017-08-24 18:22 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-08-24 18:22 - 2017-08-24 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-08-24 18:22 - 2017-08-24 18:22 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-08-24 18:21 - 2017-08-24 18:21 - 000000000 ____D C:\Users\D\AppData\Local\Zemana
2017-08-24 18:20 - 2017-08-24 18:20 - 006625600 _____ (Zemana Ltd. ) C:\Users\D\Downloads\Zemana.AntiMalware.Setup.exe
2017-08-24 18:15 - 2017-08-24 18:15 - 000000000 ____D C:\Users\D\AppData\Local\ConnectedDevicesPlatform
2017-08-24 18:13 - 2017-08-24 17:24 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2017-08-24 16:01 - 2017-08-24 16:56 - 000000000 ____D C:\zoek_backup
2017-08-24 16:00 - 2017-08-24 16:00 - 001309184 _____ C:\Users\D\Downloads\zoek.exe
2017-08-23 20:28 - 2017-08-24 14:58 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-08-23 20:28 - 2017-08-23 20:28 - 026627144 _____ C:\Users\D\Downloads\RogueKiller_portable64.exe
2017-08-23 20:23 - 2017-08-23 20:24 - 000000000 ____D C:\ProgramData\RogueKiller
2017-08-23 19:48 - 2017-08-23 19:49 - 001790024 _____ (Malwarebytes) C:\Users\D\Downloads\JRT.exe
2017-08-23 18:52 - 2017-08-28 10:47 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-23 18:52 - 2017-08-23 18:52 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-23 18:52 - 2017-08-23 18:52 - 000001923 _____ C:\Users\D\Downloads\Malwarebytes.lnk
2017-08-23 18:52 - 2017-08-23 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-23 18:51 - 2017-08-21 07:20 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-23 18:46 - 2017-08-24 14:51 - 000000000 ____D C:\AdwCleaner
2017-08-23 18:46 - 2017-08-23 18:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-23 18:46 - 2017-08-23 18:46 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-23 18:42 - 2017-08-23 18:42 - 065942208 _____ (Malwarebytes ) C:\Users\D\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-08-23 18:41 - 2017-08-23 18:41 - 008185288 _____ (Malwarebytes) C:\Users\D\Downloads\AdwCleaner.exe
2017-08-23 18:38 - 2017-08-23 18:38 - 000448512 _____ (OldTimer Tools) C:\Users\D\Downloads\TFC.exe
2017-08-23 15:25 - 2017-08-23 16:08 - 000004004 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1503494728
2017-08-23 15:25 - 2017-08-23 16:08 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-23 15:25 - 2017-08-23 15:25 - 000001099 _____ C:\Users\D\Downloads\Avast SafeZone Browser.lnk
2017-08-23 15:24 - 2017-08-23 15:24 - 000041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-08-23 15:22 - 2017-08-28 10:37 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-08-23 15:22 - 2017-08-23 15:22 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-08-23 15:22 - 2017-08-23 15:22 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-08-23 15:22 - 2017-08-23 15:22 - 000001978 _____ C:\Users\D\Downloads\Avast Free Antivirus.lnk
2017-08-23 15:22 - 2017-08-23 15:22 - 000000000 ____D C:\Users\D\AppData\Roaming\AVAST Software
2017-08-23 15:22 - 2017-08-23 15:22 - 000000000 ____D C:\Users\D\AppData\Local\CEF
2017-08-23 15:21 - 2017-08-23 15:22 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-23 15:21 - 2017-08-23 15:22 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-08-23 15:21 - 2017-08-23 15:20 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-08-23 15:17 - 2017-08-23 15:24 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-23 15:16 - 2017-08-23 17:44 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-21 12:03 - 2017-08-21 12:03 - 006334880 _____ (AVAST Software) C:\Users\D\Downloads\avast_free_antivirus_setup_online.exe
2017-08-14 20:15 - 2017-08-14 20:15 - 000388608 _____ (Trend Micro Inc.) C:\Users\D\Downloads\HijackThis.exe
2017-08-08 20:17 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 20:17 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 20:17 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 20:17 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 20:17 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 20:17 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 20:17 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 20:17 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 20:17 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 20:17 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 20:17 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 20:17 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 20:17 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 20:17 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 20:17 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 20:17 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 20:17 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 20:17 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 20:17 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 20:17 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 20:17 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 20:17 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 20:17 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 20:17 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 20:17 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-08 20:17 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-08 20:17 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-08 20:17 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-08 20:17 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-08 20:17 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-08 20:17 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-08 20:17 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-08 20:17 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-08 20:17 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-08 20:17 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-08 20:17 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-08 20:17 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-08 20:17 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-08 20:17 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-08 20:17 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-08 20:17 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-08 20:17 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-08 20:17 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-08 20:17 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:17 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-08 20:17 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-08 20:17 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-08 20:17 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:17 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-08 20:17 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-08 20:17 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-08 20:17 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-08 20:17 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-08 20:17 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-08 20:17 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-08 20:17 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-08 20:17 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-08 20:17 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-08 20:17 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-08 20:17 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-08 20:17 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-08 20:17 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-08 20:17 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-08 20:17 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-08 20:16 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 20:16 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 20:16 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 20:16 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 20:16 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 20:16 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 20:16 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 20:16 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 20:16 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 20:16 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 20:16 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 20:16 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 20:16 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 20:16 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 20:16 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 20:16 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 20:16 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-08 20:16 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-08 20:16 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-08 20:16 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-08 20:16 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-08 20:16 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-08 20:16 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-08 20:16 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-08 20:16 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-08 20:16 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-08 20:16 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-08 20:16 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-08 20:16 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-08 20:16 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-08 20:16 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-08 20:16 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-08 20:15 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 20:15 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 20:15 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 20:15 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 20:15 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 20:15 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 20:15 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 20:15 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 20:15 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 20:15 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 20:15 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 20:15 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 20:15 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 20:15 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 20:15 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 20:15 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 20:15 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 20:15 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 20:15 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 20:15 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 20:15 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 20:15 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 20:15 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 20:15 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 20:15 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 20:15 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 20:15 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 20:15 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 20:15 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-08 20:15 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-08 20:15 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-08 20:15 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-08 20:15 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-08 20:15 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-08 20:15 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-08 20:15 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-08 20:15 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-08 20:15 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-08 20:15 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-08 20:15 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-08 20:15 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-08 20:15 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-08 20:15 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-08 20:15 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-08 20:15 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-08 20:15 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-08 20:15 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-08 20:15 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-08 20:15 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-08 20:15 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-08 20:15 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-08 20:15 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-08 20:15 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-08 20:15 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-08 20:15 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-08 20:15 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-08 20:15 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-08 20:15 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-08 20:15 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-08 20:15 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-08 20:15 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-08 20:15 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-08 20:15 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-08 20:15 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-08 20:15 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-08 20:15 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-08 20:15 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-08 20:15 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-08 20:15 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-08 20:15 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-08 20:14 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 20:14 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 20:14 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 20:14 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 20:14 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 20:14 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 20:14 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 20:14 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 20:14 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 20:14 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 20:14 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 20:14 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-08 20:14 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-08 20:14 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-08 20:14 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-08 20:14 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-08 20:14 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-08 20:14 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-08 20:14 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-08 20:14 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-08 20:14 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-08 20:14 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-08 20:14 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-08 20:14 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-08 20:14 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-08 20:14 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-08 20:14 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-08 20:14 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-08 20:14 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-08 20:14 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-08 20:14 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-08 20:14 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-28 10:52 - 2017-08-28 10:52 - 000003954 _____ C:\Users\D\Desktop\fixlist.txt.txt
2017-08-28 10:49 - 2017-08-28 10:49 - 000000000 ___HD C:\OneDriveTemp
2017-08-25 19:29 - 2017-08-28 11:03 - 000000000 ____D C:\FRST
2017-08-25 19:29 - 2017-08-25 19:29 - 000000000 ____D C:\Users\D\AppData\Local\DBG
2017-08-25 19:27 - 2017-08-25 19:27 - 002395648 _____ (Farbar) C:\Users\D\Downloads\FRST64.exe
2017-08-25 19:17 - 2017-08-28 10:45 - 000000000 ____D C:\Users\D\Downloads\backups
2017-08-25 19:12 - 2017-08-25 19:12 - 000000000 ____D C:\Users\D\AppData\Local\NetworkTiles
2017-08-24 18:22 - 2017-08-28 11:03 - 000072942 _____ C:\WINDOWS\ZAM.krnl.trace
2017-08-24 18:22 - 2017-08-28 11:03 - 000041045 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-08-24 18:22 - 2017-08-24 18:22 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-08-24 18:22 - 2017-08-24 18:22 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-08-24 18:22 - 2017-08-24 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-08-24 18:22 - 2017-08-24 18:22 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-08-24 18:21 - 2017-08-24 18:21 - 000000000 ____D C:\Users\D\AppData\Local\Zemana
2017-08-24 18:20 - 2017-08-24 18:20 - 006625600 _____ (Zemana Ltd. ) C:\Users\D\Downloads\Zemana.AntiMalware.Setup.exe
2017-08-24 18:15 - 2017-08-24 18:15 - 000000000 ____D C:\Users\D\AppData\Local\ConnectedDevicesPlatform
2017-08-24 18:13 - 2017-08-24 17:24 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2017-08-24 16:01 - 2017-08-24 16:56 - 000000000 ____D C:\zoek_backup
2017-08-24 16:00 - 2017-08-24 16:00 - 001309184 _____ C:\Users\D\Downloads\zoek.exe
2017-08-23 20:28 - 2017-08-24 14:58 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-08-23 20:28 - 2017-08-23 20:28 - 026627144 _____ C:\Users\D\Downloads\RogueKiller_portable64.exe
2017-08-23 20:23 - 2017-08-23 20:24 - 000000000 ____D C:\ProgramData\RogueKiller
2017-08-23 19:48 - 2017-08-23 19:49 - 001790024 _____ (Malwarebytes) C:\Users\D\Downloads\JRT.exe
2017-08-23 18:52 - 2017-08-28 10:47 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-08-23 18:52 - 2017-08-28 10:47 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-08-23 18:52 - 2017-08-23 18:52 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-08-23 18:52 - 2017-08-23 18:52 - 000001923 _____ C:\Users\D\Downloads\Malwarebytes.lnk
2017-08-23 18:52 - 2017-08-23 18:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-08-23 18:51 - 2017-08-21 07:20 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-08-23 18:46 - 2017-08-24 14:51 - 000000000 ____D C:\AdwCleaner
2017-08-23 18:46 - 2017-08-23 18:51 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-23 18:46 - 2017-08-23 18:46 - 000000000 ____D C:\Program Files\Malwarebytes
2017-08-23 18:42 - 2017-08-23 18:42 - 065942208 _____ (Malwarebytes ) C:\Users\D\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-08-23 18:41 - 2017-08-23 18:41 - 008185288 _____ (Malwarebytes) C:\Users\D\Downloads\AdwCleaner.exe
2017-08-23 18:38 - 2017-08-23 18:38 - 000448512 _____ (OldTimer Tools) C:\Users\D\Downloads\TFC.exe
2017-08-23 15:25 - 2017-08-23 16:08 - 000004004 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1503494728
2017-08-23 15:25 - 2017-08-23 16:08 - 000001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-23 15:25 - 2017-08-23 15:25 - 000001099 _____ C:\Users\D\Downloads\Avast SafeZone Browser.lnk
2017-08-23 15:24 - 2017-08-23 15:24 - 000041800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-08-23 15:22 - 2017-08-28 10:37 - 000004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-08-23 15:22 - 2017-08-23 15:22 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-08-23 15:22 - 2017-08-23 15:22 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-08-23 15:22 - 2017-08-23 15:22 - 000001978 _____ C:\Users\D\Downloads\Avast Free Antivirus.lnk
2017-08-23 15:22 - 2017-08-23 15:22 - 000000000 ____D C:\Users\D\AppData\Roaming\AVAST Software
2017-08-23 15:22 - 2017-08-23 15:22 - 000000000 ____D C:\Users\D\AppData\Local\CEF
2017-08-23 15:21 - 2017-08-23 15:22 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-23 15:21 - 2017-08-23 15:22 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000585608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000400464 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-08-23 15:21 - 2017-08-23 15:20 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000198768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000110352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000084392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-08-23 15:21 - 2017-08-23 15:20 - 000046984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000320008 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-08-23 15:21 - 2017-08-23 15:19 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-08-23 15:17 - 2017-08-23 15:24 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-23 15:16 - 2017-08-23 17:44 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-21 12:03 - 2017-08-21 12:03 - 006334880 _____ (AVAST Software) C:\Users\D\Downloads\avast_free_antivirus_setup_online.exe
2017-08-14 20:15 - 2017-08-14 20:15 - 000388608 _____ (Trend Micro Inc.) C:\Users\D\Downloads\HijackThis.exe
2017-08-08 20:17 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 20:17 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 20:17 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 20:17 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 20:17 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 20:17 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 20:17 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 20:17 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 20:17 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 20:17 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 20:17 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 20:17 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 20:17 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 20:17 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 20:17 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 20:17 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 20:17 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 20:17 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 20:17 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 20:17 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 20:17 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 20:17 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 20:17 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 20:17 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 20:17 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 20:17 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 20:17 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-08 20:17 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-08 20:17 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-08 20:17 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-08 20:17 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-08 20:17 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-08 20:17 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-08 20:17 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-08 20:17 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-08 20:17 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-08 20:17 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-08 20:17 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-08 20:17 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-08 20:17 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-08 20:17 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-08 20:17 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-08 20:17 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-08 20:17 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-08 20:17 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-08 20:17 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-08 20:17 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-08 20:17 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:17 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-08 20:17 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-08 20:17 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-08 20:17 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-08 20:17 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:17 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-08 20:17 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-08 20:17 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-08 20:17 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-08 20:17 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-08 20:17 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-08 20:17 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-08 20:17 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-08 20:17 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-08 20:17 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-08 20:17 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-08 20:17 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-08 20:17 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-08 20:17 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-08 20:17 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-08 20:17 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-08 20:17 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-08 20:17 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-08 20:17 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-08 20:16 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 20:16 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 20:16 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 20:16 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 20:16 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 20:16 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 20:16 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 20:16 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 20:16 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 20:16 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 20:16 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 20:16 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 20:16 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 20:16 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 20:16 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 20:16 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 20:16 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-08 20:16 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-08 20:16 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-08 20:16 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-08 20:16 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-08 20:16 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-08 20:16 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-08 20:16 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-08 20:16 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-08 20:16 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-08 20:16 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-08 20:16 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-08 20:16 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-08 20:16 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-08 20:16 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-08 20:16 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-08 20:15 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 20:15 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 20:15 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 20:15 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 20:15 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 20:15 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 20:15 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 20:15 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 20:15 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 20:15 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 20:15 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 20:15 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 20:15 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 20:15 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 20:15 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 20:15 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 20:15 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 20:15 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 20:15 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 20:15 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 20:15 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 20:15 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 20:15 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 20:15 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 20:15 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 20:15 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 20:15 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 20:15 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 20:15 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 20:15 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 20:15 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 20:15 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 20:15 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-08 20:15 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-08 20:15 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-08 20:15 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-08 20:15 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-08 20:15 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-08 20:15 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-08 20:15 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-08 20:15 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-08 20:15 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-08 20:15 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-08 20:15 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-08 20:15 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-08 20:15 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-08 20:15 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-08 20:15 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-08 20:15 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-08 20:15 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-08 20:15 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-08 20:15 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-08 20:15 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-08 20:15 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-08 20:15 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-08 20:15 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-08 20:15 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-08 20:15 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-08 20:15 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-08 20:15 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-08 20:15 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-08 20:15 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-08 20:15 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-08 20:15 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-08 20:15 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-08 20:15 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-08 20:15 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-08 20:15 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-08 20:15 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-08 20:15 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-08 20:15 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-08 20:15 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-08 20:15 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-08 20:15 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-08 20:15 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-08 20:15 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-08 20:15 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-08 20:15 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-08 20:15 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-08 20:15 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-08 20:15 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-08 20:15 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-08 20:15 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-08 20:15 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-08 20:15 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-08 20:15 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-08 20:14 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 20:14 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 20:14 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 20:14 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 20:14 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 20:14 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 20:14 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 20:14 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 20:14 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 20:14 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 20:14 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 20:14 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-08 20:14 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-08 20:14 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-08 20:14 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-08 20:14 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-08 20:14 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-08 20:14 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-08 20:14 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-08 20:14 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-08 20:14 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-08 20:14 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-08 20:14 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-08 20:14 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-08 20:14 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-08 20:14 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-08 20:14 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-08 20:14 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-08 20:14 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-08 20:14 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-08 20:14 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-08 20:14 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-08 20:14 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-28 10:50 - 2017-06-05 10:32 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40BD2DC6-AA9D-48AD-B4DB-8E37FA19FEC6}
2017-08-28 10:49 - 2015-09-10 08:57 - 000000000 __RDO C:\Users\D\OneDrive
2017-08-28 10:47 - 2017-06-05 10:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-28 10:47 - 2015-09-10 07:11 - 000000000 __SHD C:\Users\D\IntelGraphicsProfiles
2017-08-28 10:46 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-08-27 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 19:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 18:33 - 2017-06-05 10:14 - 000000000 ____D C:\Users\D
2017-08-24 16:56 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-08-23 22:16 - 2017-06-05 10:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-23 21:42 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-23 20:33 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-23 19:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-23 17:22 - 2016-12-08 17:54 - 000000000 ____D C:\Users\D\Desktop\líbí
2017-08-23 16:09 - 2017-06-05 10:34 - 002100624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-23 16:09 - 2017-03-20 06:43 - 000920262 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-23 16:09 - 2017-03-20 06:43 - 000200144 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-18 20:45 - 2016-01-03 21:02 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-18 14:39 - 2015-09-28 17:40 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-14 20:19 - 2015-09-10 07:11 - 000000000 ____D C:\Users\D\AppData\Local\VirtualStore
2017-08-09 11:50 - 2015-09-10 07:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-09 11:47 - 2017-06-05 10:07 - 000230144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 20:29 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-08 20:24 - 2015-09-09 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 20:21 - 2015-09-09 19:42 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 19:51 - 2015-09-10 07:11 - 000000000 ____D C:\Users\D\AppData\Local\Packages
==================== Files in the root of some directories =======
2017-06-05 10:12 - 2017-06-05 10:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-23 21:31
==================== End of FRST.txt ============================
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-28 10:50 - 2017-06-05 10:32 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40BD2DC6-AA9D-48AD-B4DB-8E37FA19FEC6}
2017-08-28 10:49 - 2015-09-10 08:57 - 000000000 __RDO C:\Users\D\OneDrive
2017-08-28 10:47 - 2017-06-05 10:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-28 10:47 - 2015-09-10 07:11 - 000000000 __SHD C:\Users\D\IntelGraphicsProfiles
2017-08-28 10:46 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-08-27 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 19:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-24 18:33 - 2017-06-05 10:14 - 000000000 ____D C:\Users\D
2017-08-24 16:56 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-08-23 22:16 - 2017-06-05 10:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-23 21:42 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-23 20:33 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-23 19:53 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-23 17:22 - 2016-12-08 17:54 - 000000000 ____D C:\Users\D\Desktop\líbí
2017-08-23 16:09 - 2017-06-05 10:34 - 002100624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-23 16:09 - 2017-03-20 06:43 - 000920262 _____ C:\WINDOWS\system32\perfh005.dat
2017-08-23 16:09 - 2017-03-20 06:43 - 000200144 _____ C:\WINDOWS\system32\perfc005.dat
2017-08-18 20:45 - 2016-01-03 21:02 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-18 14:39 - 2015-09-28 17:40 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-14 20:19 - 2015-09-10 07:11 - 000000000 ____D C:\Users\D\AppData\Local\VirtualStore
2017-08-09 11:50 - 2015-09-10 07:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-09 11:47 - 2017-06-05 10:07 - 000230144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-08 21:28 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 20:29 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-08 20:24 - 2015-09-09 19:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 20:21 - 2015-09-09 19:42 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 19:51 - 2015-09-10 07:11 - 000000000 ____D C:\Users\D\AppData\Local\Packages
==================== Files in the root of some directories =======
2017-06-05 10:12 - 2017-06-05 10:12 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-23 21:31
==================== End of FRST.txt ============================
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by D (28-08-2017 11:05:03)
Running from C:\Users\D\Downloads
Windows 10 Home Version 1703 (X64) (2017-06-05 08:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2847175294-2144517108-672257983-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2847175294-2144517108-672257983-503 - Limited - Disabled)
D (S-1-5-21-2847175294-2144517108-672257983-1001 - Administrator - Enabled) => C:\Users\D
Guest (S-1-5-21-2847175294-2144517108-672257983-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes verze 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2847175294-2144517108-672257983-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2847175294-2144517108-672257983-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A64EE8B-0D8E-4970-B5D2-3436D2A107C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0B24D119-D523-47AF-B70F-0E97D35B486D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {0B26FB7D-D70E-45EA-9FBF-02D6A7421CC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCEE4CC-708C-4D0E-BFFC-2DA4B24F34AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {12AD05B6-542A-436E-AD90-4F0B6509FE86} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {1FBE0EB0-449B-4E33-B6BC-58126DDDEEC8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {281E5D3D-A8EA-462C-890A-E2123AA1E3E8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37565A9A-6127-46A9-A250-659217D3D093} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {4660F5D9-B8C2-4407-9FB7-308504B9C9E5} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {52DED86A-A9F2-401D-B5DC-FA17F6A5A7F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5ACF9C12-1456-4DF0-814B-EEC943A45C9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77144E4D-4DA2-4DA0-B8BB-B5591705217E} - System32\Tasks\SafeZone scheduled Autoupdate 1503494728 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {8066E67C-AEE4-457C-B67B-92E0E0888531} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {93B63DEA-94A8-4B4D-925A-90BDDB576103} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {97854C4F-2F61-44B8-8F59-169FDFDB4F6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {99E18690-4F72-42F1-907E-347F6BF37CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {AFFC075F-440B-4FC7-9BA6-1CAE418557B3} - \WPD\SqmUpload_S-1-5-21-2847175294-2144517108-672257983-1001 -> No File <==== ATTENTION
Task: {B992AE0A-B8B1-4EA4-89B4-388BEA26D005} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C4C3A75C-39E2-4A72-B2B6-BACB1B88F0E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-23] (AVAST Software)
Task: {C95C7150-8604-467C-918C-D3A34EC90BF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {D6CF6EC6-946A-40C1-B169-11BF42209E69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D78C7AD9-AA03-4211-B61A-DD20843F366E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DE46A686-CC18-446E-9B1B-EAD9DEEABC3E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E519DAB2-CBF7-485C-AC09-7D0207B24ECE} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {ECEA0093-A27B-4402-B0F8-DECA5174E8C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {F00CCDE9-D0C0-496B-8552-EA94FFAD9AF4} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {F07B3A26-5296-48E2-9B7E-2FEEF2D830E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {FE800A35-99BA-4E1F-8019-D8496E13CF23} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-11-08 00:22 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-08-23 18:52 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-08-24 18:22 - 2017-08-24 18:22 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-11-07 23:38 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-08 00:34 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2016-09-28 18:25 - 2016-09-28 18:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-08 00:28 - 2014-11-08 00:28 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-18 14:39 - 2017-08-11 09:40 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libglesv2.dll
2017-08-18 14:39 - 2017-08-11 09:40 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libegl.dll
2017-08-23 15:19 - 2017-08-23 15:19 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-23 15:19 - 2017-08-23 15:19 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2017-08-24 17:26 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\D\Desktop\finding_dory_4k-wide.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5AA270C5-3D0B-44CA-A65E-2E895FE7BD7E}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{153E6D53-9FAC-49CE-824A-0092C14CD75D}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{E30257D7-62E6-4860-BA99-F321A74A3FAC}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{38B950B9-976E-400E-824A-C0474C626A36}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{4C525932-F5D2-4C69-9243-918CE6DEA145}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{C23DC9DD-6755-461E-936F-DC2BE5149350}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{82E3B106-1FE4-40D2-865A-88F9283CEA86}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{AF15808C-3B08-4306-B062-A49D4BE61A86}] => (Allow) LPort=55100
FirewallRules: [{3BF3B447-BBB6-4FD1-AA9C-D5F41024BA73}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{5F1F4303-4AB0-4875-9345-EC4AC5EEE682}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{5F9B02C4-B80E-4A51-9DA3-2CE31ED01AE8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4AEE3CCC-EF77-4D02-BE5A-59A81824F03B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{52A2A660-A271-4A95-8830-74675E3ABA3E}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BA9DCE2-5F91-4E39-8E5C-782FC1A6BC1C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{084EDE70-F2F8-46AB-9EE7-51ED4F17B053}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{05DCE3C5-A96E-49EE-B2D4-7AB1DE7CE2D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8D174C20-7771-4E6B-8666-63F848E4C99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B3BDFA99-90E1-4D25-A90C-80E4429950C6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{FD33B9D4-3289-4304-9326-FB0CE712B3FD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
13-06-2017 20:20:35 Windows Update
12-07-2017 20:29:10 Windows Update
08-08-2017 20:18:59 Windows Update
08-08-2017 20:20:19 Windows Update
23-08-2017 20:01:39 JRT Pre-Junkware Removal
23-08-2017 20:02:54 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/26/2017 04:23:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/25/2017 07:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.8.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1a08
Čas spuštění: 01d31dc7aca8144f
Čas ukončení: 24
Cesta k aplikaci: C:\Users\D\Downloads\FRST64.exe
ID hlášení: cb56bf2e-f5da-46c9-9a91-73192a1f04b6
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/25/2017 07:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/24/2017 06:16:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (08/24/2017 06:16:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/23/2017 10:12:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: D)
Description: Balíček Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
System errors:
=============
Error: (08/28/2017 10:47:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_2e219 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/28/2017 10:47:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/28/2017 10:39:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_1701da byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/27/2017 08:31:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Přístup k uživatelským datům_2e722 byla ukončena s následující chybou:
Třída není zaregistrována
Error: (08/27/2017 08:31:16 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:16 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:15 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2017-08-23 20:23:49.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-08-23 20:23:49.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1882.5 MB
Total Virtual: 4683.21 MB
Available Virtual: 2319.06 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:375.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76838BC9)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by D (28-08-2017 11:05:03)
Running from C:\Users\D\Downloads
Windows 10 Home Version 1703 (X64) (2017-06-05 08:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2847175294-2144517108-672257983-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2847175294-2144517108-672257983-503 - Limited - Disabled)
D (S-1-5-21-2847175294-2144517108-672257983-1001 - Administrator - Enabled) => C:\Users\D
Guest (S-1-5-21-2847175294-2144517108-672257983-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Malwarebytes verze 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2847175294-2144517108-672257983-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2847175294-2144517108-672257983-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-08-24] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-23] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A64EE8B-0D8E-4970-B5D2-3436D2A107C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {0B24D119-D523-47AF-B70F-0E97D35B486D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {0B26FB7D-D70E-45EA-9FBF-02D6A7421CC4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CCEE4CC-708C-4D0E-BFFC-2DA4B24F34AE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {12AD05B6-542A-436E-AD90-4F0B6509FE86} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {1FBE0EB0-449B-4E33-B6BC-58126DDDEEC8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {281E5D3D-A8EA-462C-890A-E2123AA1E3E8} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37565A9A-6127-46A9-A250-659217D3D093} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-08-17] (Lenovo)
Task: {4660F5D9-B8C2-4407-9FB7-308504B9C9E5} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {52DED86A-A9F2-401D-B5DC-FA17F6A5A7F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5ACF9C12-1456-4DF0-814B-EEC943A45C9A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {77144E4D-4DA2-4DA0-B8BB-B5591705217E} - System32\Tasks\SafeZone scheduled Autoupdate 1503494728 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {8066E67C-AEE4-457C-B67B-92E0E0888531} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {93B63DEA-94A8-4B4D-925A-90BDDB576103} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {97854C4F-2F61-44B8-8F59-169FDFDB4F6A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {99E18690-4F72-42F1-907E-347F6BF37CDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {AFFC075F-440B-4FC7-9BA6-1CAE418557B3} - \WPD\SqmUpload_S-1-5-21-2847175294-2144517108-672257983-1001 -> No File <==== ATTENTION
Task: {B992AE0A-B8B1-4EA4-89B4-388BEA26D005} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C4C3A75C-39E2-4A72-B2B6-BACB1B88F0E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-23] (AVAST Software)
Task: {C95C7150-8604-467C-918C-D3A34EC90BF1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-28] (Google Inc.)
Task: {D6CF6EC6-946A-40C1-B169-11BF42209E69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D78C7AD9-AA03-4211-B61A-DD20843F366E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DE46A686-CC18-446E-9B1B-EAD9DEEABC3E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E519DAB2-CBF7-485C-AC09-7D0207B24ECE} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {ECEA0093-A27B-4402-B0F8-DECA5174E8C4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {F00CCDE9-D0C0-496B-8552-EA94FFAD9AF4} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {F07B3A26-5296-48E2-9B7E-2FEEF2D830E7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {FE800A35-99BA-4E1F-8019-D8496E13CF23} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-11-08 00:22 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-08-23 18:52 - 2017-08-21 07:20 - 002264520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-08-24 18:22 - 2017-08-24 18:22 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-11-07 23:38 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-08 00:34 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2016-09-28 18:25 - 2016-09-28 18:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-08 00:28 - 2014-11-08 00:28 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-18 14:39 - 2017-08-11 09:40 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libglesv2.dll
2017-08-18 14:39 - 2017-08-11 09:40 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\libegl.dll
2017-08-23 15:19 - 2017-08-23 15:19 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-23 15:19 - 2017-08-23 15:19 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-23 15:20 - 2017-08-23 15:20 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2017-08-24 17:26 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2847175294-2144517108-672257983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\D\Desktop\finding_dory_4k-wide.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5AA270C5-3D0B-44CA-A65E-2E895FE7BD7E}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{153E6D53-9FAC-49CE-824A-0092C14CD75D}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{E30257D7-62E6-4860-BA99-F321A74A3FAC}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [TCP Query User{38B950B9-976E-400E-824A-C0474C626A36}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe
FirewallRules: [UDP Query User{4C525932-F5D2-4C69-9243-918CE6DEA145}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{C23DC9DD-6755-461E-936F-DC2BE5149350}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{82E3B106-1FE4-40D2-865A-88F9283CEA86}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{AF15808C-3B08-4306-B062-A49D4BE61A86}] => (Allow) LPort=55100
FirewallRules: [{3BF3B447-BBB6-4FD1-AA9C-D5F41024BA73}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{5F1F4303-4AB0-4875-9345-EC4AC5EEE682}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{5F9B02C4-B80E-4A51-9DA3-2CE31ED01AE8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4AEE3CCC-EF77-4D02-BE5A-59A81824F03B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{52A2A660-A271-4A95-8830-74675E3ABA3E}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{1BA9DCE2-5F91-4E39-8E5C-782FC1A6BC1C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{084EDE70-F2F8-46AB-9EE7-51ED4F17B053}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{05DCE3C5-A96E-49EE-B2D4-7AB1DE7CE2D0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{8D174C20-7771-4E6B-8666-63F848E4C99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B3BDFA99-90E1-4D25-A90C-80E4429950C6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{FD33B9D4-3289-4304-9326-FB0CE712B3FD}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
13-06-2017 20:20:35 Windows Update
12-07-2017 20:29:10 Windows Update
08-08-2017 20:18:59 Windows Update
08-08-2017 20:20:19 Windows Update
23-08-2017 20:01:39 JRT Pre-Junkware Removal
23-08-2017 20:02:54 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/26/2017 04:23:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/25/2017 07:29:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 20.8.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 1a08
Čas spuštění: 01d31dc7aca8144f
Čas ukončení: 24
Cesta k aplikaci: C:\Users\D\Downloads\FRST64.exe
ID hlášení: cb56bf2e-f5da-46c9-9a91-73192a1f04b6
Úplný název balíčku s chybou:
ID aplikace související s balíčkem s chybou:
Error: (08/25/2017 07:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: D)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (08/24/2017 06:16:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (08/24/2017 06:16:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:55:16 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/24/2017 03:54:21 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000
Error: (08/23/2017 10:12:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: D)
Description: Balíček Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
System errors:
=============
Error: (08/28/2017 10:47:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_2e219 byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/28/2017 10:47:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (08/28/2017 10:39:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Uživatelská služba platformy připojených zařízení_1701da byla ukončena s následující chybou:
Nespecifikovaná chyba
Error: (08/27/2017 08:31:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Přístup k uživatelským datům_2e722 byla ukončena s následující chybou:
Třída není zaregistrována
Error: (08/27/2017 08:31:16 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:16 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:15 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (08/27/2017 08:31:14 PM) (Source: DCOM) (EventID: 10010) (User: D)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===================================
Date: 2017-08-23 20:23:49.898
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2017-08-23 20:23:49.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1882.5 MB
Total Virtual: 4683.21 MB
Available Virtual: 2319.06 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:375.32 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76838BC9)
Partition: GPT.
==================== End of Addition.txt ============================
-
lou17
- Pohlaví:
Re: Prosím o kontrolu
kde mám prosím u toho Malwarebytes vypnout tu rez. ochranu? nikde jsem to tam nenašla
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu
Klikni na dolníště na ikonu malwarebates pravým myšítkem a vyber "--real-time protection"
Udělej ten script , co jsem psal výše v frst.
Udělej ten script , co jsem psal výše v frst.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 9 hostů