Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomaleny ntb

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

zpomaleny ntb

#1 Příspěvek od JanHellsing »

po dlouhe dobe opet problem :) ostatne jak jinak :)
kopil sem ai btb od HP( bohuzel ) a po nejake dobe cca 3 mesice od koupi se zacal radikalne zpomalovat celkovy chod. ted uz to zpomaleni tolik nevnimam ale co se tyce startu to je hruza cekacka cca 3-5 minut nez se dotoci kolecko pod logem HP a pak windowsu a nez se nastartuje plocha do pouzitelneho stavu je proste moc dlouha. no kazdopadne sem zkousel w10 schodit na w7 bezuspechu chce to po me ovladac na usb. ale to je fuk to tu resit nechcete :) kazdopadne rady co odstranit zablokovat spousteni neuzitecnych programu se hodi vzdy. a hlavne kontrola stavu od zkusenych je potreba :) dikes. takze log RSIT:


Logfile of random's system information tool 1.10 (written by random/random)
Run by janhe at 2019-04-23 20:10:11
Microsoft Windows 10 Home
System drive C: has 390 GB (42%) free of 938 GB
Total RAM: 8018 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:23, on 23.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files\trend micro\janhe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O4 - HKLM\..\Run: [RtlS5Wake] C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-202 203 206 Series"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Realtek Semiconductor Corp. - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KingoSoftService - Unknown owner - C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12034 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2948eb4f-4bf2-4b57-b1b7-a5327106d9f2 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-405cdb63-cedd-4373-ad63-395a3735853c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2f659561-edf5-49a9-a5f1-f053e8ff9483 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-09061ee3-7904-4e80-8f8a-771e2f983f5d -LifetimeId:78b650c9-bdd8-4f8d-9f86-07556c272b29 -DeviceGroupId:
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
dashost.exe {2b236f18-2021-4ebf-a4632afee54f1e92}
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
atieclxx
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2580208375136
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\SysWOW64\esif_uf.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe" "C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe"
"C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe" /s "NortonSecurity" /m "C:\Program Files\Norton Security\Engine\22.17.0.183\diMaster.dll" /prefetch:1


c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\EscSvc64.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
"C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe" --type=host --mojo-pipe-token=4623349349530488593 --mojo-platform-channel-handle=852

sihost.exe
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SESSION
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\CastSrv.exe CCastServerControlInteractiveUser -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\Elantech\ETDTouch.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
igfxEM.exe
igfxHK.exe
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Steam\Steam.exe" -silent
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\janhe\AppData\Local\Steam\htmlcache" "-steampid=10056" "-buildid=1555457005" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\janhe\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1555457005 --initial-client-data=0x88,0x94,0x9c,0x84,0x64,0x7ffb9f1df760,0x7ffb9f1df770,0x7ffb9f1df780
"C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\System32\spool\drivers\x64\3\E_IATIIME.EXE" /EPT "EPLTarget\P0000000000000001" /M "XP-202 203 206 Series"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1555457005 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6180776346648564595 --mojo-platform-channel-handle=1324 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x1d8,0x1dc,0x1e0,0x1d4,0x1e4,0x7ffb8d016830,0x7ffb8d016840,0x7ffb8d016850
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7672 --on-initialized-event-handle=660 --parent-handle=664 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9161060245595479963 --mojo-platform-channel-handle=1712 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3534981252164806717 --mojo-platform-channel-handle=1896 /prefetch:8
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC2640_243841176 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9592352616945976896 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9592352616945976896 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC1B90_2080506954 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12668629769830613152 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12668629769830613152 --renderer-client-id=4 --mojo-platform-channel-handle=1420 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe" 31596 -- -pid 8172 -version 45146
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12760311956031313604 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12760311956031313604 --renderer-client-id=5 --mojo-platform-channel-handle=2440 /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=17972768742748191989 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17972768742748191989 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=7512771387413718403 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7512771387413718403 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=22362EF1914BF2FE86DD2F30679A1219 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=81666E84F46A1C38AC5AB44E3C9FE045 --mojo-application-channel-token=22362EF1914BF2FE86DD2F30679A1219 --channel="4344.1.611980436\1194641756" --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files\rempl\sedsvc.exe"

"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=57DC515AB66E005038DC753E64155D60 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=3AFBEFF4CA0CF3B94E606E24B20433AA --mojo-application-channel-token=57DC515AB66E005038DC753E64155D60 --channel="4344.3.63973999\798262002" --mojo-platform-channel-handle=4252 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
C:\WINDOWS\System32\alg.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2655261276208931272 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2655261276208931272 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2635668929314762463 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2635668929314762463 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=11683593532129529659 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11683593532129529659 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9979355037452911973 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9979355037452911973 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=506037286677682497 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=506037286677682497 --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=3202945943524790845 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3202945943524790845 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x3b4
"C:\Users\janhe\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForjanhe.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjanhe (null)

=========Mozilla firefox=========

ProfilePath - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07 440864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07 416288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2018-03-27 3666528]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-04-16 1517880]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-04-17 3152160]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2019-04-23 3114256]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-06-20 729704]
"uTorrent"=C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe [2019-03-28 1998008]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [2012-02-29 283232]
"EPLTarget\P0000000000000001"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE [2014-12-12 283232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RtlS5Wake"=C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE [2017-06-26 1660760]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2018-03-22 709152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-04-23 20:10:11 ----D---- C:\rsit
2019-04-23 20:10:11 ----D---- C:\Program Files\trend micro
2019-04-23 19:25:55 ----D---- C:\$WINDOWS.~BT
2019-04-23 18:21:09 ----D---- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-04-16 00:09:11 ----HD---- C:\OneDriveTemp
2019-04-10 00:26:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-03-30 11:00:26 ----D---- C:\Users\janhe\AppData\Roaming\Mozilla
2019-03-30 11:00:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-30 10:59:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-03-30 10:02:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-03-24 13:08:24 ----D---- C:\Users\janhe\AppData\Roaming\Ashampoo
2019-03-24 13:03:18 ----D---- C:\ProgramData\Ashampoo
2019-03-24 13:03:13 ----D---- C:\Program Files (x86)\Ashampoo

======List of files/folders modified in the last 1 month======

2019-04-23 20:10:20 ----D---- C:\WINDOWS\Temp
2019-04-23 20:10:18 ----D---- C:\WINDOWS\Prefetch
2019-04-23 20:10:11 ----RD---- C:\Program Files
2019-04-23 20:10:07 ----D---- C:\Users\janhe\AppData\Roaming\uTorrent
2019-04-23 19:56:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-23 19:45:53 ----SHD---- C:\System Volume Information
2019-04-23 19:43:26 ----D---- C:\WINDOWS\System32
2019-04-23 19:43:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-23 19:43:25 ----D---- C:\WINDOWS\INF
2019-04-23 19:43:02 ----D---- C:\WINDOWS\system32\WDI
2019-04-23 19:42:31 ----D---- C:\ProgramData\Origin
2019-04-23 19:40:20 ----D---- C:\Program Files (x86)\Steam
2019-04-23 19:38:00 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-23 19:36:33 ----D---- C:\WINDOWS\system32\SleepStudy
2019-04-23 18:21:11 ----SHD---- C:\WINDOWS\Installer
2019-04-23 18:21:10 ----SHD---- C:\Config.Msi
2019-04-23 18:21:09 ----RD---- C:\Program Files (x86)
2019-04-23 18:20:43 ----D---- C:\WINDOWS\system32\catroot2
2019-04-23 18:07:41 ----D---- C:\WINDOWS\system32\drivers\wd
2019-04-23 17:15:08 ----D---- C:\Program Files (x86)\Origin
2019-04-23 17:03:23 ----D---- C:\WINDOWS\system32\sru
2019-04-23 16:09:19 ----D---- C:\Users\janhe\AppData\Roaming\vlc
2019-04-23 15:42:45 ----D---- C:\WINDOWS\system32\Tasks
2019-04-23 12:37:10 ----D---- C:\WINDOWS\system32\FxsTmp
2019-04-23 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-04-23 09:35:45 ----RD---- C:\WINDOWS\Microsoft.NET
2019-04-22 23:13:24 ----D---- C:\WINDOWS\CbsTemp
2019-04-22 16:00:52 ----D---- C:\WINDOWS\Logs
2019-04-21 08:14:11 ----D---- C:\WINDOWS\AppReadiness
2019-04-20 01:40:25 ----HD---- C:\Program Files\WindowsApps
2019-04-19 17:02:23 ----D---- C:\WINDOWS\system32\config
2019-04-17 08:20:23 ----D---- C:\WINDOWS\Tasks
2019-04-13 19:10:17 ----D---- C:\Program Files\Common Files\AV
2019-04-13 17:35:22 ----D---- C:\Windows
2019-04-13 17:31:49 ----D---- C:\WINDOWS\system32\drivers\NGCx64
2019-04-13 17:31:40 ----D---- C:\WINDOWS\system32\CatRoot
2019-04-13 17:30:08 ----D---- C:\WINDOWS\system32\drivers
2019-04-10 00:29:17 ----D---- C:\WINDOWS\WinSxS
2019-04-10 00:26:50 ----D---- C:\WINDOWS\system32\Macromed
2019-04-10 00:26:37 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-04-10 00:26:15 ----D---- C:\WINDOWS\SysWOW64
2019-04-10 00:15:22 ----D---- C:\WINDOWS\system32\MRT
2019-04-10 00:05:14 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-04-05 21:35:56 ----D---- C:\WINDOWS\system32\NDF
2019-04-05 07:58:15 ----D---- C:\Program Files\rempl
2019-03-31 11:37:38 ----RD---- C:\WINDOWS\assembly
2019-03-30 14:56:40 ----D---- C:\WINDOWS\LiveKernelReports
2019-03-30 10:01:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-30 09:59:21 ----HD---- C:\WINDOWS\ELAMBKUP
2019-03-30 09:52:53 ----D---- C:\WINDOWS\TextInput
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-30 09:52:45 ----SD---- C:\WINDOWS\system32\UNP
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\oobe
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\migration
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\en-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\appraiser
2019-03-30 09:52:43 ----D---- C:\WINDOWS\ShellExperiences
2019-03-30 09:52:42 ----RSD---- C:\WINDOWS\Fonts
2019-03-30 09:52:42 ----RD---- C:\Program Files\Windows Defender
2019-03-30 09:52:42 ----D---- C:\WINDOWS\bcastdvr
2019-03-30 09:52:42 ----D---- C:\WINDOWS\apppatch
2019-03-30 09:52:42 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-30 09:52:39 ----D---- C:\WINDOWS\system32\Boot
2019-03-30 09:52:15 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-03-30 09:52:14 ----SD---- C:\WINDOWS\system32\F12
2019-03-30 09:52:14 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-03-30 09:52:06 ----D---- C:\Program Files\internet explorer
2019-03-30 09:52:06 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-24 13:03:18 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20181211.001\BHDrvx64.sys [2018-12-12 1925104]
R1 ccSet_NGC;NGC Settings Manager; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\ccSetx64.sys [2019-03-07 192712]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2018-12-15 515792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20181214.061\IDSvia64.sys [2018-12-14 1305072]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-30 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-10-08 36600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmdag.sys [2017-09-18 36577160]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmpag.sys [2017-09-18 537992]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-11-09 200704]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2018-04-12 48640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2017-01-09 55792]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-01-09 52208]
R3 dtlitescsibus;@oem1.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-08-03 30264]
R3 dtliteusbbus;@oem12.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-08-03 47672]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-12-15 153296]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2017-01-09 260080]
R3 ETD;@oem18.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2018-03-27 610856]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [2018-03-27 32808]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2017-09-18 7408080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-07-04 6111688]
R3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-09-18 481768]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@oem19.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-13 1009128]
R3 RtkBtFilter;@oem29.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2018-05-31 784264]
R3 RTWlanE;@oem26.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2018-04-20 7904088]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-08-07 421312]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-09-18 560520]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2017-08-30 127488]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_68673;Uživatelská služba platformy připojených zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2011-12-12 135824]
R2 esifsvc;@oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2017-01-09 1419424]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2018-03-27 152672]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2017-09-05 1327400]
R2 HPJumpStartBridge;HP JumpStart Bridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-10-06 477184]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2017-07-13 628768]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [2019-04-01 73200]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-09-18 356904]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 KingoSoftService;KingoSoftService; C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe [2018-03-08 17384]
R2 NortonSecurity;Norton Security; C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe [2019-03-07 225600]
R2 nsWscSvc;Norton WSC Service; C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe [2019-03-07 934216]
R2 OneSyncSvc_68673;Hostitel synchronizace_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2019-04-23 3175728]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-07-04 265672]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-30 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-30 338744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-06-20 3606632]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-07-30 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_68673;Data kontaktů_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-10 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_68673;Uživatelská služba pro GameDVR a vysílání her_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_68673;Služba pro podporu uživatelů Bluetooth_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-09-18 284712]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_68673;DevicePicker_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_68673;Tok zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-09-03 887784]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_68673;Služba zasílání zpráv_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-17 172488]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2019-04-23 2304304]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_68673;PrintWorkflow_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]

-----------------EOF-----------------

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#3 Příspěvek od JanHellsing »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-23.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-23-2019
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 30
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\GreenTree Applications
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\ytd video downloader
Deleted C:\Users\janhe\AppData\Roaming\Solvusoft

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
Deleted C:\Users\Public\Desktop\YTD Video Downloader.lnk
Deleted C:\Users\janhe\Downloads\ReimageRepair.exe
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\csastats
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Reimage
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3923 octets] - [23/04/2019 21:18:17]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#4 Příspěvek od Rudy »

OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#5 Příspěvek od JanHellsing »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.04.2019
Ran by janhe (administrator) on LAPTOP-SRK2DT6G (HP HP Laptop 17-bs0xx) (24-04-2019 14:48:54)
Running from C:\Users\janhe\Desktop
Loaded Profiles: janhe (Available Profiles: janhe)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(FingerPower Digital Technology Ltd. -> ) C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Symantec Corporation -> Symantec Corporation) C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIIME.EXE
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3666528 2018-03-27] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3114256 2019-04-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [uTorrent] => C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe [1998008 2019-03-28] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE [283232 2014-12-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {a54823df-9696-11e8-9007-2c6fc954708c} - "F:\setup.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b21864-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b220a7-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0DE3B5C2-7E79-451F-BFC4-3FD1210371A6} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {0FAEC281-6DF7-4EAE-BD03-3C1A0D97295E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {12659619-8D43-49CA-BA99-20DEFFC8C4C2} - System32\Tasks\RtHDVBg_Session => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {14663B30-0490-4AA4-A009-4AB0A1E82CDC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268680 2018-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {20E2EE44-169A-4A8C-8B3A-73DF218FE25C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {2A74FAFA-450A-4124-BC5C-4285DA661D6C} - System32\Tasks\HPCeeScheduleForjanhe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {40ECAB84-EE83-48A3-81CB-E2C99B6F80F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-04-07] (HP Inc. -> HP Inc.)
Task: {44EA8AB6-20E9-4227-9030-EE0EFCA164A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BE422D0-2A9A-46C0-9D95-A289B3786732} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [461824 2017-10-06] (HP Inc. -> HP Inc.)
Task: {5BFBE4F3-0E25-4B5F-9933-9C06749C005F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2226848 2019-03-07] (Symantec Corporation -> Symantec Corporation)
Task: {61F967B0-20DE-423C-8B9C-4B5E928BA4F6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {7A296814-215F-4E00-A5EE-34578E0CF242} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [219512 2018-12-24] (HP Inc. -> HP Inc.)
Task: {9AC45B2C-8C10-4EB8-ABEA-B1344603EA29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {A32541DD-2DA2-4BF3-8194-06203BAF055C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A46DD048-A4A4-4430-942D-D700FE4F6EAF} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe [101392 2019-03-07] (Symantec Corporation -> Symantec Corporation)
Task: {B00B02DB-408B-4827-BE79-1FE69025F484} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-10] (Adobe Inc. -> Adobe)
Task: {C8694DC2-7D18-4602-A563-61F858AD987A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {CAB40C1D-2A5E-483F-A8F8-7DFE5D923924} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {D1966A5C-2128-4329-98E4-5CF438105614} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.17.0.183\WSCStub.exe [2226848 2019-03-07] (Symantec Corporation -> Symantec Corporation)
Task: {D2709014-B573-4CD0-9414-E20A59DCCF81} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe [101392 2019-03-07] (Symantec Corporation -> Symantec Corporation)
Task: {DC7C6652-B8E8-4E71-8C4A-8D82B14321D0} - System32\Tasks\StartCN => c:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-05-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {E5D98607-EACF-4EAC-88E8-75ABF66A392C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {E9D9B043-0F63-4366-82C7-D8CA506FE943} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB0A9582-6F9F-4FA7-85A7-E711FFBD4EC7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {EE6C0C77-E158-4B9F-84F0-EBDDF5844880} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {EF8ACE03-715B-48AD-BE9C-8C9BE6123F09} - System32\Tasks\Norton Internet Security\Norton Internet Security Autofix => C:\Program Files\Norton Security\Engine\22.17.0.183\SymErr.exe [101392 2019-03-07] (Symantec Corporation -> Symantec Corporation)
Task: {F70961D2-3F1C-4662-B35C-8ECD758E2AE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForjanhe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{88613f1c-99e4-42e9-a13e-f0e244988bf3}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {4E6BE066-84D8-4774-8C51-E6978C10C292} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {4E6BE066-84D8-4774-8C51-E6978C10C292} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3520694440-2128577825-3041864919-1001 -> {4E6BE066-84D8-4774-8C51-E6978C10C292} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc. -> HP Inc.)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc. -> HP Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)

FireFox:
========
FF DefaultProfile: s4hw76vf.default
FF ProfilePath: C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default [2019-03-31]
FF Extension: (Norton Password Manager) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\Extensions\idsafe@norton.com.xpi [2019-03-30]
FF Extension: (Norton Home Page) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\Extensions\nortonhomepage@symantec.com.xpi [2019-03-30] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\Extensions\nortonsafeweb@symantec.com.xpi [2019-03-30]
FF Extension: (No Name) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-03-30]
FF Extension: (Google Code Correction) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\features\{246415ea-597c-4352-9920-889c314413f3}\google-code-correction@mozilla.org.xpi [2019-03-30] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default\features\{246415ea-597c-4352-9920-889c314413f3}\telemetry-coverage-bug1487578@mozilla.org.xpi [2019-03-30] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://mail.ru/cnt/10445?gp=855100
CHR StartupUrls: Default -> "hxxp://mail.ru/cnt/10445?gp=855100"
CHR Profile: C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default [2019-04-24]
CHR Extension: (Prezentace) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-26]
CHR Extension: (Dokumenty) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-26]
CHR Extension: (Disk Google) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-04]
CHR Extension: (YouTube) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-26]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-23]
CHR Extension: (Norton Security Toolbar) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2019-04-23]
CHR Extension: (Tabulky) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (Audio EQ) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2018-06-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-26]
CHR Extension: (Gmail) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-31]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.0.183\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.17.0.183\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560520 2017-09-18] (Advanced Micro Devices, Inc. -> AMD)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127488 2017-08-30] (Realtek Semiconductor Corp.) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2017-01-09] (Intel(R) Software -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [152672 2018-03-27] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [477184 2017-10-06] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356904 2017-09-18] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 KingoSoftService; C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe [377832 2018-03-08] (FingerPower Digital Technology Ltd. -> )
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe [225600 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe [934216 2019-03-07] (Symantec Corporation -> Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2304304 2019-04-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-04-23] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [265672 2018-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmdag.sys [36577160 2017-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmpag.sys [537992 2017-09-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20181211.001\BHDrvx64.sys [1925104 2018-12-12] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\ccSetx64.sys [192712 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2017-01-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2017-01-09] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-08-03] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-12-15] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2018-12-15] (Symantec Corporation -> Symantec Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2017-01-09] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32808 2018-03-27] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20181214.061\IDSvia64.sys [1305072 2018-12-14] (Symantec Corporation -> Symantec Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408080 2017-09-18] (Intel(R) pGFX -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1009128 2017-09-13] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [784264 2018-05-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [421312 2017-08-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\SRTSP64.SYS [859864 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\SRTSPX64.SYS [49888 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\SYMEFASI64.SYS [1998344 2019-03-07] (Symantec Corporation -> Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\SymELAM.sys [25744 2019-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-30] (Symantec Corporation -> Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.16.2.22\SymPlatform\SymEvnt.sys [675544 2018-12-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\Ironx64.SYS [315912 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\symnets.sys [573448 2019-03-07] (Symantec Corporation -> Symantec Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35568 2018-08-31] (HP Inc. -> HP)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\wpCtrlDrv.sys [1012120 2019-03-07] (Symantec Corporation -> Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 14:48 - 2019-04-24 14:52 - 000034880 _____ C:\Users\janhe\Desktop\FRST.txt
2019-04-24 11:26 - 2019-04-24 11:26 - 000000000 __SHD C:\found.002
2019-04-24 11:26 - 2019-04-24 11:26 - 000000000 __SHD C:\found.001
2019-04-24 11:26 - 2019-04-24 11:26 - 000000000 __SHD C:\found.000
2019-04-24 04:04 - 2019-04-24 14:48 - 000000000 ____D C:\FRST
2019-04-24 04:02 - 2019-04-24 04:02 - 002436096 _____ (Farbar) C:\Users\janhe\Desktop\FRST64.exe
2019-04-23 21:23 - 2019-04-23 21:23 - 000000000 ____D C:\Users\janhe\AppData\LocalLow\uTorrent
2019-04-23 21:17 - 2019-04-23 21:18 - 000000000 ____D C:\AdwCleaner
2019-04-23 21:14 - 2019-04-23 21:15 - 062824224 _____ (Malwarebytes ) C:\Users\janhe\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10240.exe
2019-04-23 21:14 - 2019-04-23 21:14 - 007025360 _____ (Malwarebytes) C:\Users\janhe\Desktop\adwcleaner_7.3.exe
2019-04-23 20:10 - 2019-04-23 20:10 - 000000000 ____D C:\rsit
2019-04-23 20:10 - 2019-04-23 20:10 - 000000000 ____D C:\Program Files\trend micro
2019-04-23 20:09 - 2019-04-23 20:09 - 001222144 _____ C:\Users\janhe\Downloads\RSITx64.exe
2019-04-23 19:25 - 2019-04-23 19:25 - 000000000 ____D C:\$WINDOWS.~BT
2019-04-23 18:21 - 2019-04-23 18:21 - 000002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poradce pro upgrade na systém Windows 7.lnk
2019-04-23 18:21 - 2019-04-23 18:21 - 000002191 _____ C:\Users\Public\Desktop\Poradce pro upgrade na systém Windows 7.lnk
2019-04-23 18:21 - 2019-04-23 18:21 - 000000000 ____D C:\Users\janhe\AppData\Local\Microsoft Corporation
2019-04-23 18:21 - 2019-04-23 18:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-04-23 18:18 - 2019-04-23 18:19 - 008682272 _____ (Microsoft Corporation) C:\Users\janhe\Downloads\Windows7UpgradeAdvisorSetup.exe
2019-04-23 17:15 - 2019-04-23 17:16 - 013289632 _____ C:\Users\janhe\Downloads\YUMI-2.0.6.4.exe
2019-04-23 15:42 - 2019-04-23 15:42 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-04-16 00:09 - 2019-04-16 00:09 - 000000000 ___HD C:\OneDriveTemp
2019-04-13 17:39 - 2019-04-13 17:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2019-04-13 17:31 - 2019-04-23 16:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-04-13 17:31 - 2019-04-13 17:31 - 000003378 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-04-10 00:26 - 2019-04-10 00:26 - 005758008 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-04-04 09:46 - 2019-04-04 09:46 - 000571535 _____ C:\Users\janhe\Downloads\Výpis_42375976551100_2019_03.pdf
2019-03-30 11:11 - 2019-04-10 00:27 - 000004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-30 11:11 - 2019-04-10 00:27 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-30 11:10 - 2019-03-31 00:00 - 000000000 ____D C:\Users\janhe\AppData\Local\Adobe
2019-03-30 11:05 - 2019-03-30 11:05 - 000007605 _____ C:\Users\janhe\AppData\Local\Resmon.ResmonCfg
2019-03-30 11:00 - 2019-03-31 00:00 - 000000000 ____D C:\Users\janhe\AppData\LocalLow\Mozilla
2019-03-30 11:00 - 2019-03-30 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-30 11:00 - 2019-03-30 11:01 - 000000000 ____D C:\Users\janhe\AppData\Local\Mozilla
2019-03-30 11:00 - 2019-03-30 11:00 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2019-03-30 11:00 - 2019-03-30 11:00 - 000001227 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2019-03-30 11:00 - 2019-03-30 11:00 - 000000000 ____D C:\Users\janhe\AppData\Roaming\Mozilla
2019-03-30 10:59 - 2019-03-30 11:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-30 10:02 - 2019-04-01 19:51 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-03-30 10:02 - 2019-04-01 19:51 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-28 02:53 - 2019-03-28 02:53 - 000000000 ____D C:\Users\janhe\AppData\Local\BitTorrentHelper

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-24 14:53 - 2018-09-08 18:01 - 000000000 ____D C:\Users\janhe\AppData\Roaming\uTorrent
2019-04-24 14:47 - 2018-06-26 21:47 - 000000000 ____D C:\Users\janhe\AppData\Roaming\vlc
2019-04-24 14:47 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-24 14:46 - 2018-07-30 22:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-24 11:29 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-24 11:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-24 10:05 - 2018-07-31 00:02 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9CB17BA2-24FB-4141-B4E6-8D0809633907}
2019-04-24 08:32 - 2018-07-31 00:02 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForjanhe
2019-04-24 08:32 - 2018-06-27 08:26 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjanhe.job
2019-04-23 21:48 - 2018-06-26 16:47 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-23 21:27 - 2018-07-30 23:19 - 001835702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-23 21:27 - 2018-04-12 17:50 - 000751742 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-23 21:27 - 2018-04-12 17:50 - 000162380 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-23 21:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-23 21:26 - 2018-09-12 11:26 - 000000510 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-04-23 21:26 - 2018-06-27 08:32 - 000000000 ____D C:\ProgramData\Origin
2019-04-23 21:23 - 2018-06-26 15:20 - 000000000 ___RD C:\Users\janhe\OneDrive
2019-04-23 21:21 - 2018-06-26 15:15 - 000000000 __SHD C:\Users\janhe\IntelGraphicsProfiles
2019-04-23 21:21 - 2018-06-26 12:07 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-23 21:20 - 2018-07-31 00:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-23 21:19 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-04-23 21:18 - 2018-07-30 23:05 - 000000000 ____D C:\Users\janhe
2019-04-23 19:25 - 2018-07-31 00:01 - 000002544 _____ C:\WINDOWS\diagwrn.xml
2019-04-23 19:25 - 2018-07-31 00:01 - 000001890 _____ C:\WINDOWS\diagerr.xml
2019-04-23 18:07 - 2018-07-31 00:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-23 17:15 - 2018-06-27 08:39 - 000000000 ____D C:\Program Files (x86)\Origin
2019-04-23 16:26 - 2018-12-15 07:25 - 000002424 _____ C:\Users\Public\Desktop\Norton Security.lnk
2019-04-23 12:37 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-04-22 23:13 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-22 01:26 - 2018-06-28 23:15 - 000000000 ____D C:\Users\janhe\AppData\Local\Ubisoft Game Launcher
2019-04-16 00:08 - 2018-07-31 00:02 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3520694440-2128577825-3041864919-1001
2019-04-16 00:08 - 2018-07-30 23:05 - 000002372 _____ C:\Users\janhe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-13 19:10 - 2018-12-15 09:58 - 000000000 ____D C:\Program Files\Common Files\AV
2019-04-13 17:34 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-13 17:31 - 2018-12-15 07:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-04-11 05:14 - 2018-06-26 15:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 05:14 - 2018-06-26 15:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-10 00:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-10 00:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-10 00:15 - 2018-06-26 17:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 00:05 - 2018-06-26 17:27 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-05 21:35 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-05 07:58 - 2018-07-13 05:13 - 000000000 ____D C:\Program Files\rempl
2019-03-30 15:08 - 2018-12-15 07:26 - 000100064 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2019-03-30 15:08 - 2018-12-15 07:26 - 000008585 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2019-03-30 14:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-30 09:59 - 2018-07-30 22:55 - 000318312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-30 09:59 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-30 09:52 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-28 02:07 - 2018-07-31 00:02 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 02:07 - 2018-07-31 00:02 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2019-03-30 11:05 - 2019-03-30 11:05 - 000007605 _____ () C:\Users\janhe\AppData\Local\Resmon.ResmonCfg
2019-03-10 11:18 - 2019-03-10 16:47 - 000000074 _____ () C:\Users\janhe\AppData\Local\uts.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.04.2019
Ran by janhe (24-04-2019 14:54:14)
Running from C:\Users\janhe\Desktop
Windows 10 Home Version 1803 17134.648 (X64) (2018-07-30 22:06:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3520694440-2128577825-3041864919-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3520694440-2128577825-3041864919-503 - Limited - Disabled)
Guest (S-1-5-21-3520694440-2128577825-3041864919-501 - Limited - Disabled)
janhe (S-1-5-21-3520694440-2128577825-3041864919-1001 - Administrator - Enabled) => C:\Users\janhe
WDAGUtilityAccount (S-1-5-21-3520694440-2128577825-3041864919-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\uTorrent) (Version: 3.5.5.45146 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apowersoft Video Konvertor V4.7.9 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.7.9 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.4 - Ashampoo GmbH & Co. KG)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{108D5EFB-62B2-F89A-920F-1E2FECC10465}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{1E48BB5B-2FEB-E270-CF93-5A84D1D7E944}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{79050ED9-643C-68A5-2E62-178FC24EBFFE}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0E31313C-ACED-AD62-3EE7-D61BC1A45C48}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{36294A42-B636-E3E5-4F64-7A8F81DE2D2F}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{AB31322F-0A98-9289-E098-2C2651F5253C}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{0F73CCEC-978B-2185-580F-0379B3A20AAD}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{FCAD21F9-0825-7643-1081-2EBDE590FAF4}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97A6C719-A559-702E-05E3-230BE8F24E39}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{DA36084C-FA37-072A-5FBE-0DA2FDCED2A6}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{6A33B6F5-9351-E699-0410-EFC78135625E}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{27651C4A-0A34-809C-FB0C-C44E11139DA4}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{C1EFEB79-7DA3-8C3A-83A4-F6D7111D56CE}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{76D90D6C-0447-FD20-F3C6-5D94C8FD52FA}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{5090A42D-FB09-E809-5C9A-9C652FEDFCA8}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{23756DC9-343D-07B9-57F8-F5BD3F883A7C}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{394F2529-8E54-42BA-3A4F-4D95C9B519B2}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4AE4D943-29F6-5E01-AD45-56D5451CB093}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{8A5E75EB-670F-73B5-CB3D-0D5D732A0A5D}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{BBDA6EB1-1E6E-85FD-1560-0B0538F987AD}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{DBD847E2-28DC-E84C-2E01-C3ADC898AA5D}) (Version: 2017.0517.1614.27405 - Advanced Micro Devices, Inc.) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Crysis 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.9.0.0 - Electronic Arts)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Deer Hunter - The 2005 Season (HKLM-x32\...\Deer Hunter 2005_is1) (Version: - Atari, Inc.)
Deer Hunter 2004 Demo - Legendary Hunting (HKLM-x32\...\Deer Hunter 2004 Demo_is1) (Version: - Atari, Inc.)
ELAN Touchpad 18.2.23.3_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.23.3 - ELAN Microelectronic Corp.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-202 203 206 Series Printer Uninstall (HKLM\...\EPSON XP-202 203 206 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-205 207 Series Printer Uninstall (HKLM\...\EPSON XP-205 207 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.0.0.11" - Rockstar Games)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{04442D89-B941-4C8C-B20D-625233B78BB0}) (Version: 12.10.49.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Hunting Unlimited 4 1.0 (HKLM-x32\...\Hunting Unlimited 4) (Version: 1.0 - ValuSoft)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{a2167b7c-e567-4ae5-9c88-8e1349a01363}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Kingo ROOT version 1.5.8.3353 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.8.3353 - Kingosoft Technology Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 cs)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1 - Mozilla)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NGC) (Version: 22.17.0.183 - Symantec Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 22.0.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Název společnosti:)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.37.24524 - Electronic Arts, Inc.)
Poradce pro upgrade na systém Windows 7 (HKLM-x32\...\{C3A13A35-63AC-427a-92E6-960C1D01FABB}) (Version: 2.0.5000.0 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{FABF0E8E-52FD-C32B-E323-07AC7A516F82}) (Version: 1.00.1. - AMD) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.79 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31237 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.21.811.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8393 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 148)_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 63.0 - Ubisoft)
Verbatim Hard Drive Formatter (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VooPoo version 1.5.1.31 (HKLM-x32\...\{63EEAD1F-3FC8-40F5-A415-E4BE098004C0}_is1) (Version: 1.5.1.31 - KunShan XW-TEC)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\Warcraft III) (Version: - )
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-05-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.0.183\buShell.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.0.183\NavShExt.dll [2019-03-07] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-16 18:14 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-02-16 18:14 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2018-01-08 19:00 - 2017-08-30 18:57 - 000127488 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2017-05-17 16:12 - 2017-05-17 16:12 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-05-17 16:12 - 2017-05-17 16:12 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2019-03-31 11:29 - 2019-03-31 11:29 - 004483072 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DiscSoft.NET.Common\3cdfbcf1d4db68fa10746331e05b0db1\DiscSoft.NET.Common.ni.dll
2019-03-31 11:32 - 2019-03-31 11:32 - 003039232 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DotNetCommon\01b12ebcfd59876f76a4371b74e79790\DotNetCommon.ni.dll
2019-03-31 11:28 - 2019-03-31 11:28 - 004917248 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLite\458f75f82a6de0b4793df0abb982e64f\DTLite.ni.exe
2019-03-31 11:29 - 2019-03-31 11:29 - 000138752 _____ (Disc Soft Ltd) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DTLiteHelper\211e13bc9246ff21fd482888aeacac20\DTLiteHelper.ni.exe
2016-09-09 14:20 - 2016-09-09 14:20 - 005496320 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-09 14:19 - 2016-09-09 14:19 - 000912384 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 005444608 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000277504 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 002924544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 005804544 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 003187712 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000193024 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 001061376 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000011776 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 002013696 _____ () [File not signed] c:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000310784 _____ (The Qt Company Ltd) [File not signed] c:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-09 14:20 - 2016-09-09 14:20 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 001177600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-04-23 17:14 - 2019-04-23 17:10 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-03-31 11:43 - 2019-03-31 11:43 - 001567232 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPAudioSwitch\915a93bc288cb667c4ead9459692161c\HPAudioSwitch.ni.exe
2019-03-31 11:43 - 2019-03-31 11:43 - 000764928 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\a1d8f678b50292d989072e1b75e72ba8\log4net.ni.dll
2019-03-31 11:43 - 2019-03-31 11:43 - 000129536 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\18abc1546f7fd36f2144e91ae6116b8d\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-03-31 11:43 - 2019-03-31 11:43 - 001549312 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\818fad3eb6b481a0e888c5e2569a1694\NAudio.ni.dll
2019-03-31 11:38 - 2019-03-31 11:38 - 002227200 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\4582e50ce61e5fbb8e458df79cd7a84e\Newtonsoft.Json.ni.dll
2019-03-31 11:43 - 2019-03-31 11:43 - 000141312 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\9384196ea1e1fa6c9b853d15a9e3b0c9\Interop.IWshRuntimeLibrary.ni.dll
2019-03-31 11:41 - 2019-03-31 11:41 - 000172544 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\ac4d2e3d1d11b9d5da4df3703df1def7\HPJumpStartBridge.ni.exe
2019-03-31 11:37 - 2019-03-31 11:37 - 000156672 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\5c8205d93a18c751218761c3b15473c1\BRIDGECommon.ni.dll
2019-03-31 11:41 - 2019-03-31 11:41 - 000131584 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\7695e152afc6d412e6ba001d5602b5b7\CommonPortable.ni.dll
2019-03-31 11:41 - 2019-03-31 11:41 - 000374784 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f229d388ad289da81e4f92c485070514\CleanStartController.ni.dll
2019-03-31 11:41 - 2019-03-31 11:41 - 000121344 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\645a97e8106e48931785ef8a467e6727\BridgeExtension.ni.dll
2019-03-31 11:41 - 2019-03-31 11:41 - 000139776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\414563ac2981ab79d846dc2186701ffd\RegistrationUtilities.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


2018-09-12 11:26 - 2019-04-23 21:26 - 000000510 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

192.168.137.1 LAPTOP-SRK2DT6G.mshome.net # 2023 9 4 14 15 40 37 82
192.168.137.194 pocky-PC.mshome.net # 2018 9 6 22 9 5 27 366

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\janhe\Desktop\IMG_20180903_230132.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2B5A5017-D5F1-43DF-89FE-362C532B8032}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{B3A4DAAE-CD50-4E23-B25C-E76D81EFC8B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order\WolfNewOrder_x64.exe (MachineGames) [File not signed]
FirewallRules: [{D5671404-7651-4A86-999A-88DFE1E9C0EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe (CI Games S.A.) [File not signed]
FirewallRules: [{5ED155ED-2646-4755-86D9-7BC9EBEF1FF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enemy Front\Bin32\DedicatedServer.exe (CI Games S.A.) [File not signed]
FirewallRules: [{0CB19F4A-4104-4EA9-9D0D-7A2CB5C99F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enemy Front\Bin32\EnemyFront.exe (CI Games S.A.) [File not signed]
FirewallRules: [{63F04ABB-B71A-4801-91DB-4E37493345BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Enemy Front\Bin32\EnemyFront.exe (CI Games S.A.) [File not signed]
FirewallRules: [{F21C35EB-CF40-4961-9731-75D93552E319}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [File not signed]
FirewallRules: [{8009512E-1024-422D-9415-716AA4D41A35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe () [File not signed]
FirewallRules: [{D32128F8-5D7D-4AA2-A115-BA2CC89D160D}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{833F026E-71BF-4C59-8008-DA1A7D8F74A4}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{074E1D03-14B7-4211-A21B-6A02CA167C32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{8019837F-55BE-4BF6-8AFF-17DA1E05A6F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{B73AE750-DAA3-4D75-B7DE-06D0D1BC83CA}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{59C2C99F-54A9-43D2-A968-394C54052F84}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{CB85FE32-C26D-42DD-9784-67BB3AAD5D8D}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{64048822-0E92-4841-BAC0-3F961AC1565E}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{086107C0-98FB-405D-B178-92A000984A4E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{33AE7ABC-C906-453D-96E5-FBD35AD9E53F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{233DA13A-3357-4E1A-8FC8-9F61A3F6740C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEAR2\FEAR2.exe (Monolith Productions, Inc. -> Monolith Productions, Inc.)
FirewallRules: [{96AC22CB-F445-4E92-BED5-D4DEDD29924B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FEAR2\FEAR2.exe (Monolith Productions, Inc. -> Monolith Productions, Inc.)
FirewallRules: [{37DB98F5-2FC4-4AB4-BA68-784C7538098E}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{14EC745E-F437-42B4-9348-4D4790A62F43}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{E2BFF0C7-FCE6-4FB4-AEAF-C43BB29EFCE2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{12E5A8A9-714C-4B3C-9C01-43FD57D54EE7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe (Kalloc Studios, Inc. -> Kalloc Studios) [File not signed]
FirewallRules: [{8730AFDA-B4FB-45F8-89C8-747669D23E21}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 2\bin32\Crysis2.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{98E4C6AA-A11B-4160-9A98-9CC0B2B856F4}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 2\bin32\Crysis2.exe (Electronic Arts -> Crytek GmbH)
FirewallRules: [{057EA2CF-0F89-4045-A35E-9446D88B12D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{C88FC49A-C82F-4895-A547-C79C920A9778}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{EE9E8FEC-AB09-4635-9D83-5896D4338F63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Port Royale 3\PortRoyale3.exe (Gaming Minds Studios GmbH) [File not signed]
FirewallRules: [{81D4868D-4F46-4E13-AF1C-0FD398C3089F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Port Royale 3\PortRoyale3.exe (Gaming Minds Studios GmbH) [File not signed]
FirewallRules: [{F49C42D3-8DA9-4304-96B2-0362495EAC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{A967527C-7917-4152-BA47-06E0A77DE8BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{F5CA573E-B41E-4E4B-80B6-45C02EED56C5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{A9CD8B7F-5B20-4607-B502-700252254363}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{3CDADD08-248C-4BD1-8EE3-0A3B71B1BBEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\launcher.exe (2K Games) [File not signed]
FirewallRules: [{6FA0DF26-A554-48BF-BDF9-1B02013FB68A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia III\launcher.exe (2K Games) [File not signed]
FirewallRules: [{C7B7ECD5-7681-4406-9006-FFBC203C4715}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1C50CCB9-8EA7-4B38-A9AB-7CD9B8FD9B98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FE48BD88-A101-41CC-869D-62C172DEAF25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{668F7B23-DFF8-4C5B-A366-515B8E8A4C17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8C203099-F632-4895-A5E7-21E7BFCD2009}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{264E1D56-79F2-48A3-915B-E62CA3CEB706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{02A65873-E4DA-4008-A139-1197FC054F4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3DD86F29-3404-4CD6-B6DB-332364ED7BDA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ABA13885-02CF-411D-B563-F160DCB1235D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E25ACD47-6D76-4A54-89FF-8AF937173AA8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77FA0560-E166-40F1-85B1-111334714795}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2FFE517-6EE6-426B-BBE8-10FC7C6AF8CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26F025A9-6E11-419E-90A3-884DB331DCB6}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C0CDB876-B50D-4E6A-9A7F-4A68FE332E41}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{58B66B39-06F5-4264-84F7-194C7776D116}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{CE1C48DF-E463-4A88-9168-77F5C49EB701}] => (Allow) C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{869F8222-F57E-4DEA-8C5A-F97AE26C1641}] => (Allow) C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E7D13B40-12FC-4E92-85D2-028C5D5E7DB2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{994F8B78-0B88-4732-A84D-08536886EF3B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E656790D-8D92-4629-92EE-8BFC20601E68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Civilizations II\AoC2.exe () [File not signed]
FirewallRules: [{C1C49FFC-11CF-4557-BF25-226E7AC11100}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Civilizations II\AoC2.exe () [File not signed]
FirewallRules: [{64EF2A59-190C-4294-8939-8FFECE3BFF26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{AF6BB9D1-F802-4509-A3A1-F1F567D60E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{04E1FC6B-666E-4457-B8F9-B1675D34E595}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PRO FISHING\ProFishing.exe () [File not signed]
FirewallRules: [{1ADE6949-27C5-43DC-86B3-AB5FFE4017F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PRO FISHING\ProFishing.exe () [File not signed]
FirewallRules: [{CA9E2113-3A6B-4ABE-968B-5139AB5D6B89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3AFE71CB-4EB8-4264-B16F-0AA338450450}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{58FC154A-BFDA-4535-AAA1-178D1C5E23D7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E01396C8-5189-430A-A88D-AF04BBB2EBC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0C7D863C-74E5-483C-9D51-95132BC540B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{69A0AFFE-3835-47E8-8DD3-F1667790A919}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe (QLOC S.A. -> Bethesda Softworks)
FirewallRules: [{1110839E-FABD-4AD4-8DA9-730DA8D36928}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{A0514A0D-D231-468A-B987-09CD8A2671C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SniperGhostWarrior2\Bin32\SniperGhostWarrior2.exe (City Interactive S.A.) [File not signed]
FirewallRules: [{740FD03C-4ADE-47F0-8F2C-EFBF59C7FA77}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{73AAC2EF-F308-4A3C-915E-8DC4E1A661AA}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{098A4423-4CCF-4015-B506-BBA858FBCB48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2D638D0-48DB-4AC8-A519-8517E2CA1733}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D3913CB7-1CE1-4F72-AA73-A838BD5EC0EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6CCCDD74-5A1F-46BB-9289-8052A69068DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3D962B7F-DCF1-4A49-BE73-62C7C4200DA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B4BB7210-C40D-4ABD-8961-29103C934C7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{751B6779-1C33-47A4-9606-5AECA99BD221}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [{5842F7A5-2984-4A93-B869-48BD7FCD0A45}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{CC147E34-9B4C-49FD-A4C0-66A1D0B2CB35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11425.20228.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{76BD4B43-5E5A-4F78-B122-58851E23A3E1}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A9DAC92F-BADF-4810-A520-B8D81D909D4D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

23-04-2019 18:19:21 Nainstalováno: Poradce pro upgrade na systém Windows 7

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2019 11:25:17 AM) (Source: ESENT) (EventID: 454) (User: )
Description: wuaueng.dll (12728,R,98) SUS20ClientDataStore: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -515.

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501

Error: (04/24/2019 11:25:00 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (3664,R,98) SRUJet: Hlavička souboru protokolu C:\WINDOWS\system32\SRU\SRU.log se nedá přečíst. Chyba: -501


System errors:
=============
Error: (04/24/2019 02:58:54 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/24/2019 02:58:54 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/24/2019 02:58:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/24/2019 02:57:27 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/24/2019 11:57:37 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku C: bylo zjištěno poškození.

Bylo nalezeno poškození ve struktuře indexů systému souborů. Referenční číslo souboru je 0x2e00000000d8ba. Název souboru je \$WINDOWS.~BT\Sources\cs-cz. Poškozený atribut indexu je :$I30:$INDEX_ALLOCATION.

Error: (04/24/2019 11:27:17 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/24/2019 11:26:09 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: C:\Device\HarddiskVolume33

Error: (04/24/2019 11:25:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Windows Update byla ukončena s následující chybou:
%%3355443715


Windows Defender:
===================================
Date: 2019-04-23 10:34:21.956
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0E92BA55-233C-4FA1-A0C1-C8489EE51CB1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-22 09:05:28.560
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {005DA982-60AC-483B-8A94-7C7E7624C3FB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-22 08:51:12.975
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DACBE57F-DD58-42CD-A144-07F48B5CCF78}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-22 08:32:17.298
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0A93DB6D-5365-4C95-ADE9-6A0247EA94AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-22 08:21:21.283
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F080FB0E-C8F6-43D2-AE62-0F4A39FD6928}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-23 21:36:55.706
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.36.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-04-23 19:58:09.356
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.36.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-04-17 17:41:15.156
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.2050.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-04-22 01:17:29.112
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.17.0.183\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-22 01:17:29.075
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.17.0.183\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-22 01:17:28.961
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.17.0.183\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-28 01:53:34.653
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-28 01:53:34.602
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-28 01:53:34.507
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-04 01:38:27.970
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-04 01:38:27.927
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Norton Security\Engine\22.16.3.21\BuShell.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.15 11/01/2017
Motherboard: HP 8343
Processor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Percentage of memory in use: 53%
Total physical RAM: 8018.18 MB
Available physical RAM: 3755.76 MB
Total Virtual: 9298.18 MB
Available Virtual: 4504.91 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.19 GB) (Free:379.9 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.09 GB) (Free:0.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (GSP1RMCHPXFREO_CS_DVD) (CDROM) (Total:2.97 GB) (Free:0 GB) UDF
Drive k: (POCKY DISK) (Fixed) (Total:1630.14 GB) (Free:629.37 GB) NTFS

\\?\Volume{28500ead-bd8b-41a8-964b-d46dbe34b6c2}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.47 GB) NTFS
\\?\Volume{3223da79-9cf7-497c-9d01-b1f7ce0d3f9a}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A50E1C7D)

Partition: GPT.

========================================================
Disk: 1 (Size: 1630.1 GB) (Disk ID: 7609B605)
Partition 1: (Not Active) - (Size=1630.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {a54823df-9696-11e8-9007-2c6fc954708c} - "F:\setup.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b21864-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b220a7-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
Task: {20E2EE44-169A-4A8C-8B3A-73DF218FE25C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {C8694DC2-7D18-4602-A563-61F858AD987A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{F5CA573E-B41E-4E4B-80B6-45C02EED56C5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{A9CD8B7F-5B20-4607-B502-700252254363}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{8C203099-F632-4895-A5E7-21E7BFCD2009}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{264E1D56-79F2-48A3-915B-E62CA3CEB706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{740FD03C-4ADE-47F0-8F2C-EFBF59C7FA77}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{73AAC2EF-F308-4A3C-915E-8DC4E1A661AA}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#7 Příspěvek od JanHellsing »

po dokonceni akce probehl auto reset a opraca disku c. doufam ze vlozim spravny log.
Fix result of Farbar Recovery Scan Tool (x64) Version: 23.04.2019
Ran by janhe (24-04-2019 16:22:23) Run:1
Running from C:\Users\janhe\Desktop
Loaded Profiles: janhe (Available Profiles: janhe)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {a54823df-9696-11e8-9007-2c6fc954708c} - "F:\setup.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b21864-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\...\MountPoints2: {b4b220a7-7967-11e8-b17e-2c6fc954708c} - "H:\HiSuiteDownLoader.exe"
Task: {20E2EE44-169A-4A8C-8B3A-73DF218FE25C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
Task: {C8694DC2-7D18-4602-A563-61F858AD987A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-26] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{F5CA573E-B41E-4E4B-80B6-45C02EED56C5}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{A9CD8B7F-5B20-4607-B502-700252254363}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{8C203099-F632-4895-A5E7-21E7BFCD2009}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{264E1D56-79F2-48A3-915B-E62CA3CEB706}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{740FD03C-4ADE-47F0-8F2C-EFBF59C7FA77}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{73AAC2EF-F308-4A3C-915E-8DC4E1A661AA}] => (Allow) C:\Users\janhe\AppData\Local\Temp\EPSON XP-205 207 Series_Home\Network\EpsonNetSetup\Data\ENEasyApp.exe No File

EmptyTemp:
End

*****************

Processes closed successfully.
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a54823df-9696-11e8-9007-2c6fc954708c} => removed successfully
HKLM\Software\Classes\CLSID\{a54823df-9696-11e8-9007-2c6fc954708c} => not found
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4b21864-7967-11e8-b17e-2c6fc954708c} => removed successfully
HKLM\Software\Classes\CLSID\{b4b21864-7967-11e8-b17e-2c6fc954708c} => not found
HKU\S-1-5-21-3520694440-2128577825-3041864919-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b4b220a7-7967-11e8-b17e-2c6fc954708c} => removed successfully
HKLM\Software\Classes\CLSID\{b4b220a7-7967-11e8-b17e-2c6fc954708c} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20E2EE44-169A-4A8C-8B3A-73DF218FE25C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20E2EE44-169A-4A8C-8B3A-73DF218FE25C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8694DC2-7D18-4602-A563-61F858AD987A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8694DC2-7D18-4602-A563-61F858AD987A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F5CA573E-B41E-4E4B-80B6-45C02EED56C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A9CD8B7F-5B20-4607-B502-700252254363}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C203099-F632-4895-A5E7-21E7BFCD2009}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{264E1D56-79F2-48A3-915B-E62CA3CEB706}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{740FD03C-4ADE-47F0-8F2C-EFBF59C7FA77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73AAC2EF-F308-4A3C-915E-8DC4E1A661AA}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 130015366 B
Java, Flash, Steam htmlcache => 13979420 B
Windows/system/drivers => 722179 B
Edge => 1704762 B
Chrome => 279187358 B
Firefox => 52753314 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1012699 B
systemprofile32 => 0 B
LocalService => 15478 B
LocalService => 0 B
NetworkService => 548544 B
NetworkService => 0 B
janhe => 26561339 B

RecycleBin => 51164523113 B
EmptyTemp: => 48.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:26:12 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#8 Příspěvek od Rudy »

Zřejmě tam byla nějaká disková chyba. Jinak smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#9 Příspěvek od JanHellsing »

celkovy start je stejne pomalej. muj nazor je ten ze tento ntb proste nezvlada w10.... ntb co je stary cca 10 let PackardBell. z w10 i w7 zvlada mnohem vic nez HP z roku 2018. konkretni priklad je na hre age of empire 2. celkem nenarocna hra HP se pri behu hry laguje a hra je tim nehrtelna.. a pc se obcas lagne samo o sobe... zkusim popripadne jeste tovarko pokud vas nenapadne neco co by pomohlo.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#10 Příspěvek od Rudy »

Ještě zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#11 Příspěvek od JanHellsing »

tak ani defag nepomohl.. hold ho bud prodam nebo prohodim hdd na druhy ntb a nainstaluju w7

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#12 Příspěvek od Rudy »

W7 a w10 jsou na to ve spotřebě systémových prostředků zhruba stejně. Od kdy máte ten problém? Poslední (dubnové) aktualizace win nebyly právě povedené.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#13 Příspěvek od JanHellsing »

od koupi pred vanoci probehla pouze 1 aktualizace pak uz nic vetsinou je blokuju nejsou temer k nicemu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118194
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny ntb

#14 Příspěvek od Rudy »

JanHellsing píše:od koupi pred vanoci probehla pouze 1 aktualizace pak uz nic vetsinou je blokuju nejsou temer k nicemu.
V tom pravdu nemáte, aktualizace postatně snižují riziko napadení systému. Občas (jako teď) se sice nepovedou. ale jinak jsou důležité. Koukneme se ještě na disk. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

JanHellsing
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2012 14:53

Re: zpomaleny ntb

#15 Příspěvek od JanHellsing »

----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 17134] (x64)
Date : 2019/04/26 4:08:28

-- Controller Map ----------------------------------------------------------
+ Standardní řadič SATA AHCI [ATA]
- hp DVDRW GUE1N
- ST1000LM035-1RK172
- Řadič prostorů úložišť [SCSI]
+ DAEMON Tools Lite Virtual SCSI Bus [SCSI]
- DiscSoft Virtual SCSI CdRom Device
- DiscSoft Virtual SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST1000LM035-1RK172 : 1000,2 GB [0/0/0, pd1] - st
(2) ST1750LM000 HN-M171RAD : 1750,3 GB [1/0/0, sa1] - st

----------------------------------------------------------------------------
(1) ST1000LM035-1RK172
----------------------------------------------------------------------------
Model : ST1000LM035-1RK172
Firmware : RSM7
Serial Number : ZDE6CYYZ
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 7278 hod.
Power On Count : 67 krát
Temperature : 34 C (93 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _80 _39 __6 00000673B388 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 __0 000000000043 Počet spuštění/zastavení
05 _99 _99 _36 000000000308 Počet přemapovaných sektorů
07 _83 _60 _45 00000BF3ED91 Počet chybných hledání
09 _92 _92 __0 A08500001C6E Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000043 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB __1 __1 __0 0000000009D0 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000700070009 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _66 _55 _40 00002A1B0022 Teplota toku vzduchu
BF 100 100 __0 000000000013 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000017 Počet vypnutí disku
C1 _87 _87 __0 000000006605 Počet cyklů načítání/vymazání
C2 _34 _45 __0 001200000022 Teplota
C4 _99 _99 __0 000000000308 Počet udalostí s číslem realokování sektorů
C5 _94 _93 __0 0000000001F0 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000005 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5A44 4536 4359 595A 2020 2020 2020 2020 2020 2020
020: 0000 0000 0000 5253 4D37 2020 2020 5354 3130 3030
030: 4C4D 3033 352D 3152 4B31 3732 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 5910
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0100
070: 0000 0000 0000 0000 0000 001F 8D0E 0006 004C 0048
080: 07F0 001F 706B 7469 6123 7069 B449 6123 203F 0052
090: 0052 8080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0008 6003 0000 5000 C500
110: A5B3 D450 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 0000 BDFF 0280 0000 0000
150: 0008 0000 0000 0027 0000 8000 0000 0100 A500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 EFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 2F 00 50 27 88 B3 73 06 00 00 00 03 23
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 64 64 43
020: 00 00 00 00 00 00 05 33 00 63 63 08 03 00 00 00
030: 00 00 07 2F 00 53 3C 91 ED F3 0B 00 00 00 09 32
040: 00 5C 5C 6E 1C 00 00 85 A0 1E 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 64 64 43 00 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 33
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 01 01 D0
080: 09 00 00 00 00 00 BC 32 00 64 63 09 00 07 00 07
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 42 37 22 00 1B 2A 00 00 00 BF 32 00 64 64 13
0B0: 00 00 00 00 00 00 C0 22 00 64 64 17 00 00 00 00
0C0: 00 01 C1 32 00 57 57 05 66 00 00 00 00 00 C2 22
0D0: 00 22 2D 22 00 00 00 12 00 00 C4 32 00 63 63 08
0E0: 03 00 00 00 00 00 C5 32 00 5E 5D F0 01 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 05 00 00 00 00 00 00 FE 32 00 64 64 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51
170: 03 00 01 00 02 A2 00 00 00 00 00 00 00 00 00 00
180: 00 00 02 00 00 00 00 00 03 01 01 01 01 01 01 01
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 13 00 00 00 D9 17 BE DB D4 17 00 00
1B0: 00 00 00 00 01 00 12 04 3C 54 07 16 02 00 00 00
1C0: 51 B1 E7 D3 02 00 00 00 00 00 00 00 00 00 00 00
1D0: 01 00 00 00 00 00 00 00 6E 12 00 00 01 00 00 00
1E0: 00 00 00 00 A2 06 00 00 00 00 00 00 00 00 00 03
1F0: 00 00 00 00 00 00 00 00 00 00 03 17 00 00 00 97

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 20 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 61
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 FE 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F5

----------------------------------------------------------------------------
(2) ST1750LM000 HN-M171RAD
----------------------------------------------------------------------------
Enclosure : ST1750LM 000 HN-M171R USB Device (V=18A5, P=0237, sa1) - st
Model : ST1750LM000 HN-M171RAD
Firmware : 2BE10001
Serial Number : S385J9DGC01673
Disk Size : 1750,3 GB (8,4/137,4/1750,3/1750,3)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 3418653168
Rotation Rate : 5400 RPM
Interface : USB (Serial ATA)
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 7576 hod.
Power On Count : 409 krát
Temperature : 25 C (77 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : K:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _87 _87 _25 000000000F9B Čas na roztočení ploten
04 _95 _95 __0 00000000153D Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000001D98 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000199 Počet cyklů zapnutí zařízení
BF 252 252 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C2 _64 _64 __0 0031000D0019 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 _99 _99 __0 000000000384 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000059 Počet chyb při zápisu sektorů
DF 100 100 __0 000000000005 Zatížení budiče magnetických hlav způsobené opakovanými úkony
E1 _98 _98 __0 000000006A20 Počet cyklů načítání/vymazání
F1 _98 _95 __0 0000002CD954 Total Host Writes
F2 _96 _92 __0 0000005B4EF4 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5333 3835 4A39 4447 4330 3136 3733 2020 2020 2020
020: 0000 FFFF 0004 3242 4531 3030 3031 5354 3137 3530
030: 4C4D 3030 3020 484E 2D4D 3137 3152 4144 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0100
070: 0000 0000 0000 0000 0000 001F 1D0E 0004 004C 0040
080: 01FF 0028 746B 7F69 6123 7468 BC41 6123 407F 00A4
090: 00A4 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 81F0 CBC4 0000 0000 0000 0000 6003 0000 5000 4CF2
110: 1183 24DB 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 57 57 9B
020: 0F 00 00 00 00 00 04 32 00 5F 5F 3D 15 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 98 1D 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0C 32
070: 00 64 64 99 01 00 00 00 00 00 BF 22 00 FC FC 00
080: 00 00 00 00 00 00 C0 22 00 FC FC 00 00 00 00 00
090: 00 00 C2 02 00 40 40 19 00 0D 00 31 00 00 C3 3A
0A0: 00 64 64 00 00 00 00 00 00 00 C4 32 00 FC FC 00
0B0: 00 00 00 00 00 00 C5 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C6 30 00 FC FC 00 00 00 00 00 00 00 C7 36
0D0: 00 63 63 84 03 00 00 00 00 00 C8 2A 00 64 64 59
0E0: 00 00 00 00 00 00 DF 32 00 64 64 05 00 00 00 00
0F0: 00 00 E1 32 00 62 62 20 6A 00 00 00 00 00 F1 32
100: 00 62 5F 54 D9 2C 00 00 00 00 F2 32 00 60 5C F4
110: 4E 5B 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 64 50 00 5B
170: 03 00 01 00 01 FF 00 57 01 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
0E0: 00 00 00 00 00 00 DF 00 00 00 00 00 00 00 00 00
0F0: 00 00 E1 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 63

Zamčeno