Freezing and slowed-down notebook

#1 Post by PureHate44 »

Thank you for the advice and the steps :-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Stanislava at 2018-04-04 10:41:30
Microsoft Windows 10 Home
System drive C: has 12 GB (6%) free of 190 GB
Total RAM: 3982 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:45, on 04.04.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\OkayFreedom\Notifier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\APRP\APRP.EXE
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Program Files\trend micro\Stanislava.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [OKAYFREEDOM Notifier] "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Stanislava\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [OKAYFREEDOM_Agent] "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
O4 - HKCU\..\RunOnce: [Uninstall 18.025.0204.0009\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 18.025.0204.0009] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\18.025.0204.0009"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: Asus WebStorage Windows Service - Unknown owner - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OkayFreedom VPN Starter Service - Steganos Software GmbH - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11987 bytes

======Listing Processes======







winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\system32\FBAgent.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
dashost.exe {983c8566-411f-4f1a-bf8e8a1a32c2c4ea}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\HPSIsvc.exe
"C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe"
"C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k osrss
C:\WINDOWS\system32\svchost.exe -k appmodel

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\OkayFreedom\Notifier.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe"
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\rempl\remsh.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=65.0.3325.181 --initial-client-data=0x1b4,0x1b8,0x1bc,0x1b0,0x1c0,0x7ffb63faf1e8,0x7ffb63faf1f8,0x7ffb63faf208
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5832 --on-initialized-event-handle=588 --parent-handle=592 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.4358 --gpu-driver-date=12-21-2015 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x1298 --service-request-channel-token=EB701C67A1CF9A2834397C6023EBBD16 --mojo-platform-channel-handle=1660 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --service-pipe-token=46CE033E61CCDDA2116DE784C5FA4A7D --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=46CE033E61CCDDA2116DE784C5FA4A7D --renderer-client-id=3 --mojo-platform-channel-handle=3600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --service-pipe-token=E73AEEDF3DAC691B9DBABB740EAF6C51 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E73AEEDF3DAC691B9DBABB740EAF6C51 --renderer-client-id=10 --mojo-platform-channel-handle=4980 /prefetch:1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.2151_none_7f2129e421da1aca\TiWorker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --lang=sk --service-sandbox-type=utility --service-request-channel-token=6823F28110AAF10E9F93E85DE23520B4 --mojo-platform-channel-handle=1368 --ignored=" --type=renderer " /prefetch:8
/updateInstalled /background
"fontdrvhost.exe"
C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x3d0
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca
C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV15:{}
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --service-pipe-token=A2BB84C352B8B77287F6170ED9DC2BDF --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=A2BB84C352B8B77287F6170ED9DC2BDF --renderer-client-id=23 --mojo-platform-channel-handle=7012 /prefetch:1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV15:{} /WakeupRun
C:\WINDOWS\system32\devicecensus.exe
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\System32\sihclient.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 656 660 668 8192 664
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,3276252929443119335,17582886209212684363,131072 --service-pipe-token=791B10DB2922453A57F2C29BB304786B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=791B10DB2922453A57F2C29BB304786B --renderer-client-id=24 --mojo-platform-channel-handle=6336 /prefetch:1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:F4wG+D2HGUW7vdj6.1
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Users\Stanislava\Downloads\RSITx64.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\System32\svchost.exe -k Camera
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\McAfeeLogon.job - C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-03-22 1804360]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2017-11-29 324216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"!GetCurrentRollback"=C:\Windows10Upgrade\GetCurrentRollback.exe [2018-03-13 73392]
"RollbackOnline"=C:\$WINDOWS.~BT\Sources\SetupPlatform.exe [2018-03-18 167096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-01-09 10257872]
"OneDrive"=C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-04-03 1570976]
"uTorrent"=C:\Users\Stanislava\AppData\Roaming\uTorrent\uTorrent.exe [2017-09-26 1982144]
"OKAYFREEDOM_Agent"=C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2018-01-29 6267384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall 18.025.0204.0009\amd64"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]
"Uninstall 18.025.0204.0009"=C:\WINDOWS\system32\cmd.exe [2016-07-16 232960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09 1183256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2013-05-01 3187360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [2012-12-19 3576784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2016-05-03 391648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcpltui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-13 1489920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-08-13 18381792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"OKAYFREEDOM Notifier"=C:\Program Files (x86)\OkayFreedom\Notifier.exe [2018-01-29 4201464]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []

C:\Users\Stanislava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-04-03 23:41:02 ----HD---- C:\$WINDOWS.~BT
2018-04-03 03:19:43 ----ASH---- C:\swapfile.sys
2018-04-03 03:19:42 ----ASH---- C:\hiberfil.sys
2018-03-30 00:25:26 ----D---- C:\WINDOWS\UpdateAssistant
2018-03-18 09:22:31 ----A---- C:\WINDOWS\system32\pcadm.dll
2018-03-18 09:22:27 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-03-18 09:22:21 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-03-18 09:22:20 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-18 09:22:18 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-03-18 09:22:18 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-03-18 09:22:17 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-03-18 09:22:16 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-18 09:22:16 ----A---- C:\WINDOWS\system32\invagent.dll
2018-03-18 09:22:16 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-03-18 09:22:14 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-03-18 09:22:14 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-03-18 09:21:56 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-03-18 09:21:56 ----A---- C:\WINDOWS\system32\aepic.dll
2018-03-18 09:21:55 ----A---- C:\WINDOWS\system32\devinv.dll
2018-03-18 09:21:53 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-03-16 23:30:03 ----SD---- C:\WINDOWS\UpdateAssistantV2
2018-03-15 22:43:22 ----A---- C:\WINDOWS\system32\EOSNotify.exe
2018-03-15 22:40:53 ----A---- C:\WINDOWS\system32\perfh01B.dat
2018-03-15 22:40:53 ----A---- C:\WINDOWS\system32\perfc01B.dat
2018-03-15 22:22:57 ----A---- C:\WINDOWS\system32\aspnet_counters.dll
2018-03-15 22:22:47 ----A---- C:\WINDOWS\system32\msvcr100_clr0400.dll
2018-03-15 22:22:38 ----A---- C:\WINDOWS\SYSWOW64\aspnet_counters.dll
2018-03-15 22:22:29 ----A---- C:\WINDOWS\SYSWOW64\msvcr100_clr0400.dll
2018-03-10 02:40:35 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2018-03-10 02:40:35 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2018-03-10 02:40:34 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2018-03-10 02:40:34 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2018-03-10 02:40:34 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2018-03-10 02:40:34 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2018-03-10 02:40:04 ----A---- C:\WINDOWS\system32\wups2.dll
2018-03-10 02:40:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2018-03-10 02:40:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2018-03-10 02:40:00 ----A---- C:\WINDOWS\system32\wups.dll
2018-03-10 02:39:59 ----A---- C:\WINDOWS\system32\wuuhext.dll
2018-03-10 02:39:59 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2018-03-10 02:39:59 ----A---- C:\WINDOWS\system32\wuapi.dll
2018-03-10 02:39:59 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2018-03-10 02:39:58 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2018-03-10 02:39:58 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2018-03-10 02:39:58 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2018-03-10 02:39:55 ----A---- C:\WINDOWS\system32\usocore.dll
2018-03-10 02:39:55 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-03-10 02:39:52 ----A---- C:\WINDOWS\system32\storewuauth.dll
2018-03-10 02:39:49 ----A---- C:\WINDOWS\system32\dosvc.dll

======List of files/folders modified in the last 1 month======

2018-04-04 10:41:45 ----D---- C:\Program Files\trend micro
2018-04-04 10:40:13 ----D---- C:\WINDOWS\Temp
2018-04-04 10:36:37 ----D---- C:\WINDOWS\Prefetch
2018-04-04 10:36:21 ----D---- C:\WINDOWS\system32\sru
2018-04-04 10:36:14 ----D---- C:\WINDOWS\system32\SleepStudy
2018-04-04 01:11:19 ----D---- C:\WINDOWS\Registration
2018-04-04 01:10:54 ----D---- C:\WINDOWS\CbsTemp
2018-04-03 23:41:34 ----D---- C:\WINDOWS\Panther
2018-04-03 23:38:33 ----A---- C:\WINDOWS\progress.ini
2018-04-03 23:10:20 ----HD---- C:\$GetCurrent
2018-04-03 22:34:20 ----D---- C:\WINDOWS\system32\Tasks
2018-04-03 22:30:32 ----D---- C:\Windows10Upgrade
2018-04-03 22:30:26 ----D---- C:\WINDOWS\INF
2018-04-03 22:26:39 ----D---- C:\ProgramData\ASUS Smart Gesture
2018-04-03 22:22:59 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-04-03 04:39:44 ----SHD---- C:\System Volume Information
2018-04-03 03:24:07 ----D---- C:\WINDOWS\System32
2018-04-03 03:24:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-03 01:17:18 ----D---- C:\WINDOWS\AppReadiness
2018-04-03 01:09:08 ----RD---- C:\WINDOWS\Microsoft.NET
2018-04-03 00:27:37 ----HD---- C:\Program Files\WindowsApps
2018-03-31 23:22:00 ----D---- C:\Users\Stanislava\AppData\Roaming\Skype
2018-03-30 00:25:31 ----SHD---- C:\WINDOWS\Installer
2018-03-30 00:25:31 ----SHD---- C:\Config.Msi
2018-03-30 00:25:26 ----D---- C:\Windows
2018-03-27 22:24:22 ----D---- C:\WINDOWS\system32\config
2018-03-25 06:26:24 ----D---- C:\WINDOWS\system32\catroot2
2018-03-23 17:04:48 ----AD---- C:\Program Files\rempl
2018-03-23 17:02:29 ----D---- C:\WINDOWS\WinSxS
2018-03-21 20:51:51 ----D---- C:\WINDOWS\system32\LogFiles
2018-03-18 18:36:39 ----D---- C:\WINDOWS\SysWOW64
2018-03-18 18:36:39 ----D---- C:\WINDOWS\system32\appraiser
2018-03-15 22:58:40 ----D---- C:\WINDOWS\system32\MRT
2018-03-15 22:48:44 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-15 22:47:59 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-03-12 18:35:15 ----D---- C:\WINDOWS\rescache
2018-03-10 04:29:42 ----D---- C:\WINDOWS\system32\wbem
2018-03-10 04:29:42 ----D---- C:\WINDOWS\system32\sk-SK

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2017-11-29 132848]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2017-11-29 180088]
R1 epfwwfpr;epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [2017-11-29 77736]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [2017-01-05 27552]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 AsusTP;@oem22.inf,%PS2.DeviceDesc%;ASUS Input Touchpad Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2017-03-09 128024]
R3 athr;@oem71.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2017-03-23 4318648]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2017-06-02 609696]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-10-04 84992]
R3 HIDSwitch;@oem76.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsRadioControl.sys [2017-06-02 31120]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2017-08-13 5826560]
R3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 kbfiltr;@oem5.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem47.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-01-06 186424]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [2016-09-12 13754936]
R3 RSBASTOR;@oem85.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2017-08-13 338400]
R3 rt640x64;@oem91.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-08-13 984032]
R3 tap0901;@oem93.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\System32\drivers\tap0901.sys [2016-04-21 27136]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2018-02-20 15872]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2016-09-12 57400]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-10-04 114176]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2016-10-04 249856]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2016-11-11 967168]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem32.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dot4;@oem25.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem2.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2015-03-23 21928]
S3 dot4usb;@oem25.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-04 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 50160]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 mvusbews;@oem24.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-11-08 19968]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S3 RTL8168;@oem62.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2013-11-29 838872]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem38.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-06-14 1281640]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_3fda70;CDPUserSvc_3fda70; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2017-11-29 2648184]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2012-11-08 126856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [2018-01-29 358408]
R2 OneSyncSvc_3fda70;Sync Host_3fda70; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 osrss;OS Remediation System Service; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [2016-07-24 186760]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-10-05 110976]
R3 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R3 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R3 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
R3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R3 PimIndexMaintenanceSvc_3fda70;Kontaktné údaje_3fda70; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31 107848]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31 107848]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_3fda70;MessagingService_3fda70; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2016-10-04 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2016-07-16 287744]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]

-----------------EOF-----------------

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Frozen and slow laptop

#2 Post by PureHate44 »

info.txt logfile of random's system information tool 1.10 2018-04-04 10:41:54

======MBR======


======Uninstall list======

-->"C:\Program Files (x86)\WildGames\Game Explorer Categories - genres\Uninstall.exe"
-->MsiExec /X{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}
7-Zip 16.00 (x64)-->C:\Program Files\7-Zip\Uninstall.exe
Adobe Acrobat Reader DC-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AC0F074E4100}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824265200}
Aktualizácie NVIDIA 10.4.0-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Update
Asistent pri aktualizácii na Windows 10-->"C:\Windows10Upgrade\Windows10UpgraderApp.exe" /Uninstall
ASUS InstantOn-->MsiExec.exe /I{749F674B-2674-47E8-879C-5626A06B2A91}
ASUS LifeFrame3-->MsiExec.exe /X{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
ASUS Live Update-->MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
ASUS Power4Gear Hybrid-->MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
ASUS Screen Saver-->MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}
ASUS Smart Gesture-->MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB Charger Plus-->MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}
ASUS WebStorage Sync Agent-->C:\Program Files (x86)\ASUS\WebStorage Sync Agent\uninst.exe
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
ASUSDVD-->"C:\Program Files (x86)\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
AsusVibe2.0-->C:\Program Files (x86)\Asus\AsusVibe\unins000.exe
ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
Azteca-->"C:\Program Files (x86)\WildGames\Azteca\uninstall\uninstaller.exe"
Bejeweled 3-->"C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe"
BS.Player PRO-->"C:\Program Files (x86)\Webteh\BSplayerPro\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cut the Rope-->"C:\Program Files (x86)\WildGames\Cut the Rope\uninstall\uninstaller.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Elcomm-->"C:\Program Files (x86)\Elcom\Elcomm\Elcomm_uninstaller.exe"
ESET NOD32 Antivirus-->MsiExec.exe /I{7B53AC08-0B41-460F-8E0F-BC0669E3CA67}
Evolution GT 1.0-->"C:\Program Files (x86)\Black Bean\Evolution GT\unins000.exe"
Fotogaléria-->MsiExec.exe /X{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
Fotogalerie-->MsiExec.exe /X{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
Fotótár-->MsiExec.exe /X{E50E3DBC-46AA-4827-B2A6-F995D81DF526}
Galeria fotografii-->MsiExec.exe /X{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\Installer\setup.exe" --uninstall --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
HD Tach version 3-->"C:\Program Files (x86)\Simpli Software\HD Tach\unins000.exe"
HeavyLoad V3.3 (64 bit)-->"C:\Program Files\JAM Software\HeavyLoad\unins000.exe"
HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->"C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\2.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}
Microsoft Access database engine 2010 (English)-->MsiExec.exe /I{90140000-00D1-0409-0000-0000000FF1CE}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office-->MsiExec.exe /X{90150000-0138-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Movie Maker-->MsiExec.exe /X{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}
Movie Maker-->MsiExec.exe /X{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}
Movie Maker-->MsiExec.exe /X{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}
Movie Maker-->MsiExec.exe /X{A035950F-15BA-41C0-9D8F-165FC0536012}
Movie Maker-->MsiExec.exe /X{A47EA9D4-BB87-415E-9239-28860434E5A0}
Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
MyBitCast 2.0-->C:\Program Files (x86)\ASUS\MyBitCast\uninst.exe
NÚCŽV -->C:\Program Files (x86)\NÚCŽV\uninst.exe
NVIDIA Grafický ovládač 359.46-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX System Software 9.13.0604-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{247D7F78-51F3-44DB-AA06-F4BDF5E50649}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA PhysX-->MsiExec.exe /I{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}
OkayFreedom-->C:\Program Files (x86)\OkayFreedom\uninstall.exe
Peggle-->"C:\Program Files (x86)\WildGames\Peggle\uninstall\uninstaller.exe"
Penguins!-->"C:\Program Files (x86)\WildGames\Penguins!\uninstall\uninstaller.exe"
Photo Common-->MsiExec.exe /X{0DF95460-2887-4011-9344-1959CDF18ADC}
Photo Common-->MsiExec.exe /X{49110532-D289-4BFF-807C-45B782E66A7C}
Photo Common-->MsiExec.exe /X{AA82E5EF-70C2-41CB-8432-309078304CBB}
Photo Common-->MsiExec.exe /X{C67BC332-A59A-4D40-977F-664F60AB21D8}
Photo Common-->MsiExec.exe /X{EB91007A-0110-42A6-B869-2709955A9B2A}
Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243}
Photo Gallery-->MsiExec.exe /X{63824BC0-B747-43F3-9863-1066D64AD919}
Photodex Presenter-->C:\Program Files (x86)\Photodex Presenter\remove.exe
Podstawowe programy Windows Live-->MsiExec.exe /I{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}
ProShow Gold version 8.0-->"C:\Program Files (x86)\Photodex\ProShow Gold\unins000.exe"
ProShow Gold-->C:\Program Files (x86)\Photodex\ProShow Gold\remove.exe
Qualcomm Atheros Bluetooth Suite (64)-->MsiExec.exe /X{A84A4FB1-D703-48DB-89E0-68B6499D2801}
Qualcomm Atheros Client Installation Program-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -runfromtemp -l0x0409 -removeonly
Realtek Card Reader-->C:\WINDOWS\RtCRU64.exe /u
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0409 -removeonly
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Scan To-->MsiExec.exe /I{E8A34AC8-0137-4515-A94B-0A0946DDC251}
Shared C Run-time for x64-->MsiExec.exe /I{EF79C448-6946-4D71-8134-03407888C054}
Skype Click to Call-->MsiExec.exe /I{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}
Skype™ 7.32-->MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6}
SpeedFan (remove only)-->"C:\Program Files (x86)\SpeedFan\uninstall.exe"
Tales of Lagoona-->"C:\Program Files (x86)\WildGames\Tales of Lagoona\uninstall\uninstaller.exe"
TeamViewer 10-->C:\Program Files (x86)\TeamViewer\uninstall.exe
The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0005 -removeonly
Update for Windows 10 for x64-based Systems (KB4023057)-->MsiExec.exe /X{AAB396C1-4338-4825-BFA1-A085F3C55781}
Update Installer for WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
UpdateAssistant-->MsiExec.exe /I{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}
VLC media player-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WildTangent Games App-->"C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe"
WildTangent Games-->"C:\Program Files (x86)\WildGames\Uninstall.exe"
Windows 10 Update and Privacy Settings-->MsiExec.exe /X{4DFCD818-036A-4229-A67D-CF17DC461D92}
Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}
Windows Live Essentials-->MsiExec.exe /I{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}
Windows Live Essentials-->MsiExec.exe /I{857BC375-BCFB-474E-9BD9-7EBB18EC55E0}
Windows Live Essentials-->MsiExec.exe /I{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}
Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}
Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}
Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}
Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}
Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{56232E3D-7EA9-45E0-A371-26CD80510AF7}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7E9A63B3-8572-4A4B-9F87-3C2A873BBC55}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E18F981B-401C-4D90-BC57-D8903564D558}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F09DD76B-D3D3-4558-B5BC-F1EEA6E00162}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}
Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315}
Windows Setup Remediations (x64) (KB4023057)-->%windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\Custom64\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb"
WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
WinRAR 5.40 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======Hosts File======


127.0.0.1 localhost

======System event log======

Computer Name: Stanka
Event Code: 10016
Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Record Number: 23491
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20170531135720.251849-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Stanka
Event Code: 1
Message: The Intel(R) Management Engine Interface is being reset.
Record Number: 23486
Source Name: MEIx64
Time Written: 20170531134046.743190-000
Event Type: Warning
User:

Computer Name: Stanka
Event Code: 137
Message: The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
Record Number: 23484
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20170531133216.147141-000
Event Type: Error
User:

Computer Name: Stanka
Event Code: 10016
Message: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Record Number: 23480
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20170531133208.118491-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Stanka
Event Code: 137
Message: The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
Record Number: 23475
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20170531132808.764661-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Stanka
Event Code: 16
Message: Error while updating status to SECURITY_PRODUCT_STATE_ON (error 02000000).
Record Number: 163183
Source Name: SecurityCenter
Time Written: 20171006192018.102619-000
Event Type: Error
User:

Computer Name: Stanka
Event Code: 16
Message: Error while updating status to SECURITY_PRODUCT_STATE_ON (error 02000000).
Record Number: 163180
Source Name: SecurityCenter
Time Written: 20171006192013.102344-000
Event Type: Error
User:

Computer Name: Stanka
Event Code: 16
Message: Error while updating status to SECURITY_PRODUCT_STATE_ON (error 02000000).
Record Number: 163179
Source Name: SecurityCenter
Time Written: 20171006192008.102084-000
Event Type: Error
User:

Computer Name: Stanka
Event Code: 16
Message: Error while updating status to SECURITY_PRODUCT_STATE_ON (error 02000000).
Record Number: 163171
Source Name: SecurityCenter
Time Written: 20171006191949.038565-000
Event Type: Error
User:

Computer Name: Stanka
Event Code: 16
Message: Error while updating status to SECURITY_PRODUCT_STATE_ON (error 02000000).
Record Number: 163167
Source Name: SecurityCenter
Time Written: 20171006191945.741517-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Stanka
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: STANKA$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_windows_start_menu_fde55420546edfe6.cdf-ms
Handle ID: 0x16b4

Process Information:
Process ID: 0xde4
Process Name: C:\$WINDOWS.~BT\Sources\setuphost.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 482442
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180323153452.150076-000
Event Type: Audit Success
User:

Computer Name: Stanka
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: STANKA$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_windows_gameexplorer_eb83b477ca9834cc.cdf-ms
Handle ID: 0x16c0

Process Information:
Process ID: 0xde4
Process Name: C:\$WINDOWS.~BT\Sources\setuphost.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 482441
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180323153452.148759-000
Event Type: Audit Success
User:

Computer Name: Stanka
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: STANKA$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_windows_devicemetadatastore_2e1ff34936d2e8e5.cdf-ms
Handle ID: 0x1678

Process Information:
Process ID: 0xde4
Process Name: C:\$WINDOWS.~BT\Sources\setuphost.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 482440
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180323153452.147305-000
Event Type: Audit Success
User:

Computer Name: Stanka
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: STANKA$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_windows_cae2264614449191.cdf-ms
Handle ID: 0xecc

Process Information:
Process ID: 0xde4
Process Name: C:\$WINDOWS.~BT\Sources\setuphost.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 482439
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180323153452.145979-000
Event Type: Audit Success
User:

Computer Name: Stanka
Event Code: 4907
Message: Auditing settings on object were changed.

Subject:
Security ID: S-1-5-18
Account Name: STANKA$
Account Domain: WORKGROUP
Logon ID: 0x3E7

Object:
Object Server: Security
Object Type: File
Object Name: C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\FileMaps\programdata_microsoft_network_connections_2e5c3accd04dd407.cdf-ms
Handle ID: 0x79c

Process Information:
Process ID: 0xde4
Process Name: C:\$WINDOWS.~BT\Sources\setuphost.exe

Auditing Settings:
Original Security Descriptor:
New Security Descriptor: S:ARAI(AU;SAFA;0x1f0116;;;WD)
Record Number: 482438
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20180323153452.144764-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"FP_NO_HOST_CHECK"=NO
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;C:\Program Files (x86)\Skype\Phone\
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Freezing and slow notebook

#3 Post by PureHate44 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Stanislava (administrator) on STANKA (04-04-2018 10:48:03)
Running from C:\Users\Stanislava\Desktop
Loaded Profiles: Stanislava (Available Profiles: UpdatusUser & Stanislava & Administrator)
Platform: Windows 10 Home Version 1607 14393.693 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
() C:\Program Files (x86)\Photodex\ProShow Gold\scsiaccess.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.2151_none_7f2129e421da1aca\TiWorker.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804360 2016-03-22] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [324216 2017-11-29] (ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4201464 2018-01-29] (Steganos Software GmbH)
HKLM\...\RunOnce: [!GetCurrentRollback] => C:\Windows10Upgrade\GetCurrentRollback.exe [73392 2018-03-13] (Microsoft Corporation)
HKLM\...\RunOnce: [RollbackOnline] => C:\$WINDOWS.~BT\Sources\SetupPlatform.exe [167096 2018-03-18] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10257872 2018-01-09] (Piriform Ltd)
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\Run: [uTorrent] => C:\Users\Stanislava\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-26] (BitTorrent Inc.)
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6267384 2018-01-29] (Steganos Software GmbH)
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\RunOnce: [Uninstall 18.025.0204.0009\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\18.025.0204.0009\amd64"
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\RunOnce: [Uninstall 18.025.0204.0009] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\18.025.0204.0009"
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\MountPoints2: {270ae5d8-8bec-11e6-beef-240a64c590dc} - "F:\SISetup.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
Startup: C:\Users\Stanislava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2017-05-08]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0316f8d2-75a0-4dda-a8bf-38c0a2b267ba}: [DhcpNameServer] 192.15.128.24
Tcpip\..\Interfaces\{09f1fd8b-7fea-407e-b870-81c2c5335bdd}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{6c91a85e-32e5-416e-973e-289eceb7c348}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2017-08-15] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default [2018-04-04]
CHR Extension: (Prezentácie) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-25]
CHR Extension: (Dokumenty) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-25]
CHR Extension: (Disk Google) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-25]
CHR Extension: (YouTube) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-25]
CHR Extension: (Tabuľky) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-28]
CHR Extension: (AdBlock) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-10]
CHR Extension: (Skype) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\Stanislava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-26]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2648184 2017-11-29] (ESET)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [358408 2018-01-29] (Steganos Software GmbH)
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe [186760 2016-07-24] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4318648 2017-03-23] (Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [609696 2017-06-02] (Qualcomm)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2015-03-23] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132848 2017-11-29] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-20] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-11-29] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [77736 2017-11-29] (ESET)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [31120 2017-06-02] (ASUS)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2017-01-05] (REALiX(tm))
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [984032 2017-08-13] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 10:48 - 2018-04-04 10:51 - 000017156 _____ C:\Users\Stanislava\Desktop\FRST.txt
2018-04-04 10:47 - 2018-04-04 10:48 - 000000000 ____D C:\FRST
2018-04-04 10:46 - 2018-04-04 10:47 - 002403328 _____ (Farbar) C:\Users\Stanislava\Desktop\FRST64.exe
2018-04-04 10:45 - 2018-04-04 10:45 - 000112640 _____ (forum.viry.cz) C:\Users\Stanislava\Desktop\FRSTLauncher.exe
2018-04-04 10:45 - 2018-04-04 10:45 - 000029696 _____ C:\Users\Stanislava\AppData\Local\MSGBOX.EXE
2018-04-04 10:45 - 2018-04-04 10:45 - 000015327 _____ C:\Users\Stanislava\Desktop\LM.bat
2018-04-04 10:44 - 2018-04-04 10:44 - 000112640 _____ (forum.viry.cz) C:\Users\Stanislava\Downloads\FRSTLauncher.exe
2018-04-04 10:40 - 2018-04-04 10:40 - 001222144 _____ C:\Users\Stanislava\Downloads\RSITx64 (1).exe
2018-04-03 23:41 - 2018-04-04 01:10 - 000000000 ___HD C:\$WINDOWS.~BT
2018-03-30 00:25 - 2018-03-30 00:25 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-03-25 01:18 - 2018-04-03 22:30 - 000000797 _____ C:\Users\Stanislava\Desktop\Asistent pri aktualizácii na Windows 10.lnk
2018-03-18 09:22 - 2018-02-18 13:13 - 002003296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-18 09:22 - 2018-02-18 13:13 - 000664416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-18 09:22 - 2018-02-18 13:13 - 000389464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-18 09:22 - 2018-02-18 13:13 - 000270688 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-18 09:22 - 2018-02-18 13:13 - 000138072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-18 09:22 - 2018-02-18 13:13 - 000069984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-18 09:22 - 2018-02-18 13:12 - 000461664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-18 09:22 - 2018-02-18 13:12 - 000035160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-18 09:22 - 2018-02-18 13:09 - 000199512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-18 09:22 - 2018-02-18 13:04 - 000501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-18 09:22 - 2018-02-18 12:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-03-18 09:22 - 2018-02-18 12:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-18 09:21 - 2018-02-18 13:13 - 001568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-18 09:21 - 2018-02-18 13:13 - 000749408 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-18 09:21 - 2018-02-18 13:13 - 000609120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-18 09:21 - 2018-02-18 13:13 - 000246112 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-16 23:30 - 2018-03-16 23:30 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-03-15 22:43 - 2018-03-06 08:10 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EOSNotify.exe
2018-03-15 22:40 - 2018-04-03 03:24 - 000076682 _____ C:\WINDOWS\system32\perfh01B.dat
2018-03-15 22:40 - 2018-04-03 03:24 - 000023634 _____ C:\WINDOWS\system32\perfc01B.dat
2018-03-15 22:22 - 2017-10-04 10:21 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2018-03-15 22:22 - 2017-10-04 10:21 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2018-03-15 22:22 - 2017-10-04 05:45 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2018-03-15 22:22 - 2017-10-04 05:45 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2018-03-10 02:40 - 2018-02-18 13:00 - 000026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2018-03-10 02:40 - 2018-02-18 12:31 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-03-10 02:40 - 2018-02-18 12:26 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2018-03-10 02:40 - 2018-02-18 12:26 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2018-03-10 02:40 - 2018-02-18 12:26 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-03-10 02:40 - 2018-02-18 12:26 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-03-10 02:40 - 2018-02-18 12:24 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2018-03-10 02:40 - 2018-02-18 12:19 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2018-03-10 02:40 - 2018-02-18 12:17 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-03-10 02:40 - 2018-02-18 12:11 - 002321920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-03-10 02:39 - 2018-02-18 12:23 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2018-03-10 02:39 - 2018-02-18 12:22 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2018-03-10 02:39 - 2018-02-18 12:20 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2018-03-10 02:39 - 2018-02-18 12:16 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2018-03-10 02:39 - 2018-02-18 12:16 - 000299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-10 02:39 - 2018-02-18 12:16 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2018-03-10 02:39 - 2018-02-18 12:15 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2018-03-10 02:39 - 2018-02-18 12:14 - 000558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-10 02:39 - 2018-02-18 12:12 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-03-10 02:39 - 2018-02-18 12:11 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-03-10 02:39 - 2018-02-18 12:11 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-04 10:41 - 2017-02-05 22:21 - 000000000 ____D C:\rsit
2018-04-04 10:41 - 2017-02-05 22:21 - 000000000 ____D C:\Program Files\trend micro
2018-04-04 10:36 - 2016-10-04 14:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-04-04 02:04 - 2018-01-22 22:53 - 000000000 ____D C:\WINDOWS\Panther
2018-04-04 02:04 - 2016-10-04 15:25 - 000001908 _____ C:\WINDOWS\diagwrn.xml
2018-04-04 02:04 - 2016-10-04 15:25 - 000001908 _____ C:\WINDOWS\diagerr.xml
2018-04-04 01:37 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-04 01:11 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Registration
2018-04-03 23:38 - 2016-06-03 01:05 - 000000066 _____ C:\WINDOWS\progress.ini
2018-04-03 23:10 - 2016-06-03 00:17 - 000000000 ___HD C:\$GetCurrent
2018-04-03 22:34 - 2017-07-26 22:36 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2285950285-3707617280-1648918755-1002
2018-04-03 22:33 - 2016-06-03 11:22 - 000002426 _____ C:\Users\Stanislava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-04-03 22:33 - 2015-04-12 23:03 - 000000000 __RDO C:\Users\Stanislava\OneDrive
2018-04-03 22:30 - 2018-03-02 12:56 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistent pri aktualizácii na Windows 10.lnk
2018-04-03 22:30 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2018-04-03 22:30 - 2016-06-03 00:17 - 000000000 ____D C:\Windows10Upgrade
2018-04-03 22:28 - 2016-01-31 23:14 - 000000062 _____ C:\Users\Stanislava\AppData\Roaming\sp_data.sys
2018-04-03 22:26 - 2017-04-16 18:12 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-04-03 22:23 - 2017-04-16 11:00 - 000002926 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2018-04-03 22:23 - 2016-10-04 15:23 - 000002332 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2018-04-03 22:23 - 2016-10-04 15:23 - 000002258 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2018-04-03 22:23 - 2016-10-04 15:23 - 000002248 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2018-04-03 22:23 - 2016-10-04 15:23 - 000002130 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2018-04-03 22:23 - 2016-10-04 15:23 - 000002114 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2018-04-03 22:22 - 2016-10-04 15:23 - 000002332 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2018-04-03 22:22 - 2016-10-04 15:23 - 000002068 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2018-04-03 22:21 - 2016-06-03 11:30 - 000000000 __SHD C:\Users\Stanislava\IntelGraphicsProfiles
2018-04-03 03:24 - 2016-06-03 03:55 - 001608846 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-03 03:19 - 2016-10-04 15:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-04-03 03:02 - 2016-07-16 08:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-04-03 02:19 - 2016-10-04 14:47 - 000000000 ____D C:\Users\Stanislava
2018-04-03 01:17 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-04-03 00:27 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-31 23:22 - 2015-04-01 21:32 - 000000000 ____D C:\Users\Stanislava\AppData\Roaming\Skype
2018-03-29 10:40 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-28 00:26 - 2014-01-12 19:11 - 000000000 ____D C:\Users\Stanislava\Desktop\Stanka
2018-03-23 17:04 - 2017-08-06 21:57 - 000000000 ____D C:\Program Files\rempl
2018-03-23 11:32 - 2015-03-31 18:25 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-23 11:32 - 2015-03-31 18:25 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-03-18 18:36 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-15 22:58 - 2015-04-02 00:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-15 22:48 - 2017-10-11 22:28 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-15 22:47 - 2015-04-02 00:00 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-12 18:35 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2018-03-09 14:46 - 2015-03-31 18:09 - 000000000 ____D C:\Users\Stanislava\AppData\Local\VirtualStore

==================== Files in the root of some directories =======

2016-01-31 23:14 - 2018-04-03 22:28 - 000000062 _____ () C:\Users\Stanislava\AppData\Roaming\sp_data.sys
2018-04-04 10:45 - 2018-04-04 10:45 - 000029696 _____ () C:\Users\Stanislava\AppData\Local\MSGBOX.EXE

Some files in TEMP:
====================
2018-02-02 23:46 - 2018-03-31 22:59 - 037366784 _____ () C:\Users\Stanislava\AppData\Local\Temp\SkypeSetup.exe
2018-03-22 10:50 - 2018-03-30 09:30 - 006612768 _____ (Microsoft Corporation) C:\Users\Stanislava\AppData\Local\Temp\Windows10Upgrade.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-24 20:05

==================== End of FRST.txt ============================

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Frozen and slow notebook

#4 Post by PureHate44 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Stanislava (04-04-2018 10:53:58)
Running from C:\Users\Stanislava\Desktop
Windows 10 Home Version 1607 14393.693 (X64) (2016-10-04 13:29:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2285950285-3707617280-1648918755-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2285950285-3707617280-1648918755-503 - Limited - Disabled)
Guest (S-1-5-21-2285950285-3707617280-1648918755-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2285950285-3707617280-1648918755-1008 - Limited - Enabled)
Stanislava (S-1-5-21-2285950285-3707617280-1648918755-1002 - Administrator - Enabled) => C:\Users\Stanislava
UpdatusUser (S-1-5-21-2285950285-3707617280-1648918755-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Asistent pri aktualizácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22402 - Microsoft Corporation)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.9 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
Azteca (HKLM-x32\...\WTA-2f3263a5-c48e-44bb-8641-562ea5476a87) (Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-2f1b39cc-83cd-4559-b10f-61626726b133) (Version: 2.2.0.97 - WildTangent) Hidden
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.69.1079 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Cut the Rope (HKLM-x32\...\WTA-1137fe53-d992-40ce-a7c1-592d61593a12) (Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
ESET NOD32 Antivirus (HKLM\...\{7B53AC08-0B41-460F-8E0F-BC0669E3CA67}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
Evolution GT 1.0 (HKLM-x32\...\Evolution GT_is1) (Version: - Black Bean)
Fotogaléria (HKLM-x32\...\{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{E50E3DBC-46AA-4827-B2A6-F995D81DF526}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{7595CAD2-87D0-4D01-AC02-3FDD3A891BB8}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HD Tach version 3 (HKLM-x32\...\HD Tach_is1) (Version: - Simpli Software, Inc.)
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\OneDriveSetup.exe) (Version: 18.044.0301.0006 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (HKLM-x32\...\{2A078A2B-E2C8-43A3-862C-DC57090AB7C2}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A035950F-15BA-41C0-9D8F-165FC0536012}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{A47EA9D4-BB87-415E-9239-28860434E5A0}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
NÚCŽV (HKLM-x32\...\NÚCŽV) (Version: 1.0 - NÚCŽV)
NVIDIA Grafický ovládač 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.8.3 - Steganos Software GmbH)
Ovládací panel NVIDIA 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 369.09 - NVIDIA Corporation) Hidden
Peggle (HKLM-x32\...\WTA-1aa96af5-7897-4b52-871b-5672bf2a93b1) (Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-f7af5d5d-ca08-4f1e-b605-50cc7e4d969d) (Version: 2.2.0.98 - WildTangent) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Podstawowe programy Windows Live (HKLM-x32\...\{A7E73DE5-E5FD-4923-9D88-E09ECD1F3545}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Gold version 8.0 (HKLM-x32\...\{DD0D5CC9-203C-4702-A196-74A9A8F2D2AD}_is1) (Version: 8.0 - Photodex)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.27057 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.27030 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Tales of Lagoona (HKLM-x32\...\WTA-6c851d85-eca4-4ecf-853a-81473e512af5) (Version: 2.2.0.110 - WildTangent) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AAB396C1-4338-4825-BFA1-A085F3C55781}) (Version: 2.19.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.10.5 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2285950285-3707617280-1648918755-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-11-29] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-11-29] (ESET)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\WINDOWS\system32\mscoree.dll [2016-07-16] (Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-10] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-11-29] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {021998FB-18A9-4E36-8416-FBADEC7CACF2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {1425C48C-06DF-4EB9-86DC-EC69C3B18521} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1AA805AD-085F-4CAE-B534-1FDAAF5B52F5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-13] (Realtek Semiconductor)
Task: {1CF985A9-71D3-4AB0-8B78-FCD62DEB9EC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: {266F083D-751A-4788-990D-9EAC295CEF18} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {29F03403-FECC-4EC0-AF0D-C1F08F476F50} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2C752E87-BC8D-426E-8798-93D4268BB856} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {314D66BD-0C4B-4E11-8B97-BDEE87311B75} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-09] (Piriform Ltd)
Task: {3326FA60-B899-41E8-95AE-C77C9D38C6BF} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {48E03582-68AB-4582-8278-F6A14B7B1654} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F8CB36E-03F9-4EF1-A615-54010C05256F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {58364204-28F3-408F-B4D5-C2CC10A84FEB} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-10-24] (ASUS)
Task: {5870FC50-0C7E-4421-ABBE-45748952A59C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6AF603C5-9CBC-4FAC-8324-74818AFF1B50} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {6DDD3879-A1E9-4BDC-95B3-5BDEE876EA3D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7789BE39-0263-446B-8688-63855EDFEF8B} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {798DE583-9492-4703-A5C5-9D86A474816C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Stanislava\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {7A6F41D2-23B1-410A-AB7C-C9CCE5162DFB} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: {7EB2EF6B-585F-4B04-BB19-806355514F9E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {86544D50-3339-4F29-932E-A8E63759D8B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9EF0A600-73CC-4E37-AB5A-F3F7180968B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {A2E0C4A0-6A08-4330-8D49-471ABD7BDC7E} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe
Task: {A70A749B-1642-43DF-AE92-369C5E811DA5} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-13] (Realtek Semiconductor)
Task: {AF2CCD45-2C69-4229-A25D-7C2CC27636C3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AF5FD3A2-3A81-4E49-A43D-4466D781842D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-31] (Google Inc.)
Task: {B761CA8C-5711-4EA2-B266-E291DF24CF82} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BC552397-3862-4C1A-8E30-0B1A9C68AB71} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {BD2142D6-E545-4E9C-ABE7-24923C0E6159} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {C0A08D70-3A15-4A94-B860-6513B18B4413} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D047EA8E-597A-45B8-8120-321AD1E5AE30} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {EADE7616-9DE0-4821-8F8E-4C0D3BE50615} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-08-13] (Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\McAfeeLogon.job => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 00:22 - 2016-12-09 12:29 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-13 19:29 - 2012-09-29 13:25 - 000409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2016-10-13 19:30 - 2012-09-29 13:25 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2017-08-15 20:39 - 2016-07-24 15:13 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Gold\ScsiAccess.exe
2016-10-04 15:24 - 2016-10-04 15:24 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-10 23:39 - 2016-12-21 09:09 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-10 23:38 - 2016-12-21 08:54 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-10 23:38 - 2016-12-21 08:48 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-10 23:38 - 2016-12-21 08:48 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-10 23:38 - 2016-12-21 08:48 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-10 23:38 - 2016-12-21 08:53 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-12-19 08:10 - 2012-12-19 08:10 - 000072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 000031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-10-04 14:41 - 2016-08-01 14:54 - 000133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-03-23 11:32 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-23 11:32 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll
2018-03-26 20:15 - 2018-03-26 20:16 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-26 20:15 - 2018-03-26 20:16 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-26 20:15 - 2018-03-26 20:16 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-26 20:15 - 2018-03-26 20:16 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-26 20:15 - 2018-03-26 20:16 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-25 15:28 - 2018-01-25 15:28 - 001160704 _____ () C:\Program Files (x86)\OkayFreedom\vpn.dll
2013-11-08 19:19 - 2012-06-25 12:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-12-25 13:25 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Stanislava\Downloads\17859038_1678361862190769_656702177_o.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: HomeNetSvc => 3
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 3
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUSPRP => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVBg => "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2285950285-3707617280-1648918755-1002\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBA24C19-3F10-4ADC-A58B-BAF04AF5C94E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C2CCAC8E-C744-4B88-9FEB-7C8CD35B4455}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{83553A97-3E11-44D4-ACC1-E68E6F790040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{EB29C8B7-C2BF-463C-B45D-B1B0FF6F8E50}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B37526E5-8FFB-4B78-9456-C594DF35B4B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9DF568BF-1BE4-40F8-B58A-90F91C8AEB20}] => (Allow) LPort=1900
FirewallRules: [{D9FDE7C5-91CF-4946-B79E-C7E264DA859C}] => (Allow) LPort=2869
FirewallRules: [{AF702977-4330-41DC-B7EB-971528C7BDD5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{16A2EC5A-E398-443A-9CA4-B23F6F64A83A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{DAD12F82-6791-49FB-A08A-90883CEED8DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D14B6B5A-014B-4A8D-A531-1773CD055FF1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1E75C94E-853A-44C4-924D-3A795F6F1C60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2C2B0952-BD0A-48CB-9EE1-A32FD184610C}] => (Allow) C:\Users\Stanislava\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DDA93064-549C-4A5E-A579-EA7605144989}] => (Allow) C:\Users\Stanislava\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0D2EBCC8-0DCB-44C4-91FD-7FED257EDA0E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/04/2018 10:38:11 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Windows10UpgraderApp.exe version 1.4.9200.22402 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2688

Start Time: 01d3cb8a9f6cacf0

Termination Time: 351

Application Path: C:\Windows10Upgrade\Windows10UpgraderApp.exe

Report Id: 5a8ca771-37e3-11e8-bfe7-d850e6ece5d3

Faulting package full name:

Faulting package-relative application ID:

Error: (04/03/2018 03:40:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (04/03/2018 03:40:31 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (04/01/2018 12:00:08 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (03/31/2018 11:58:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (03/31/2018 11:57:56 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.

System Error:
The parameter is incorrect.
.

Error: (03/31/2018 11:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_AppXSvc, verzia: 10.0.14393.0, časová značka: 0x57899b1c
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.14393.479, časová značka: 0x5825887f
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000009648f
Identifikácia chybujúceho procesu: 0x1270
Čas spustenia chybujúcej aplikácie: 0x01d3c939e33a45eb
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 23ea6c6c-41b6-4e40-94fe-93bcb3ecaf5b
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/31/2018 08:33:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STANKA)
Description: Aktivácia aplikácie Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App zlyhala pre chybu: -2144927142 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (04/04/2018 02:06:55 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/04/2018 02:06:34 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/03/2018 10:23:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby NVIDIA Update Service Daemon zlyhalo kvôli nasledujúcej chybe:
The service did not start due to a logon failure.

Error: (04/03/2018 10:23:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe nvUpdatusService sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako .\UpdatusUser kvôli nasledujúcej chybe:
The user name or password is incorrect.


Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (04/03/2018 10:21:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/03/2018 04:40:51 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/03/2018 04:39:44 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/03/2018 03:20:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80070570: 2018-03 Kumulatívna aktualizácia pre Windows 10 Version 1607 pre systémy s procesorom typu x64 (KB4088787).


Windows Defender:
===================================
Date: 2017-09-29 11:35:25.375
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {0D5F5AE9-97CD-4475-B000-F0220055CB22}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-09-29 11:24:05.566
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {08E44219-97F0-45F7-9359-550D914BD0B4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-09-15 16:13:36.750
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4847BC3A-0BCC-4EC4-8C0B-3D225BB7A566}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2017-10-04 12:57:07.068
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2017-09-30 16:10:57.738
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2017-09-30 15:23:48.788
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2017-09-30 11:09:18.320
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2017-09-30 08:46:33.995
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

CodeIntegrity:
===================================

Date: 2018-03-31 23:55:10.205
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-31 23:55:09.741
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-10 17:13:52.407
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-12-10 17:13:52.037
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-08 21:58:25.920
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-11-08 21:58:25.119
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-25 10:31:07.555
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-10-25 10:31:07.222
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 64%
Total physical RAM: 3981.55 MB
Available physical RAM: 1428.2 MB
Total Virtual: 8077.55 MB
Available Virtual: 5189.46 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.86 GB) (Free:11.01 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:227.12 GB) NTFS
Drive f: (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

\\?\Volume{5e9113a9-52f6-44ed-84b1-ad82cbeab247}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.47 GB) NTFS
\\?\Volume{682c1864-fd53-4ff7-8baa-d318c1a1168f}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{24dcf316-ddc8-4713-a396-2cba30cee678}\ (Restore) (Fixed) (Total:20.01 GB) (Free:7.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9F22849)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Freezing and slow notebook

#5 Post by Conder »

Hi :)

:arrow: Since you posted several posts/replies here, this thread got a bit buried :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Scan (Skenovanie) and wait for it to finish
  • Click Clean (Cistenie) and confirm by clicking OK
  • AdwCleaner will ask to restart the PC; confirm by clicking Restart Now (Restartovat teraz)
  • After it finishes and the PC has restarted, a log will pop up; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

PureHate44
Visitor
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Freezing and slow notebook

#6 Post by PureHate44 »

No problem. It was my girlfriend's notebook, but we already got it working at a repair shop... :-)
We can close this here :) thank you :)

Conder
VIP
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Freezing and slow notebook

#7 Post by Conder »

OK, you're welcome :)

Locked