Pomalý start Windows 10
Napsal: 27 dub 2019 12:08
Dobrý den nainstaloval jsem do notebooku Windows 10 Home a po instalaci se dlouho načítá do systému.Můžete prosím zkontrolovat log.Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.04.2019
Ran by Administrator (administrator) on DESKTOP-EVP3R8N (ASUSTeK Computer Inc. K52De) (27-04-2019 13:04:18)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Windows 10 Home Version 1809 17763.379 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-26] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1846BC3C-4986-4530-B9EF-F1FB84B2882F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {369DF039-4558-4E48-9A68-38AAB31881E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C4EDEC7-2753-4D64-93E5-C65870F6EE8E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {586D7BAF-8D29-4027-B5CB-E4BA899B7780} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {8BE8D004-ABD2-4A34-9FDE-457AD8054260} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BD657761-87C6-400A-8963-6A23FC910A07} - System32\Tasks\Disable LockScreen => reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
Task: {C20D1383-E712-4E8F-8183-85748BE10FA6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77657a93-91e1-40ae-993e-95030aad4e66}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-26] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315664 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 NETJME; C:\Windows\System32\drivers\NETJME.sys [137728 2018-09-15] (Microsoft Windows -> JMicron Technology Corp.)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 13:04 - 2019-04-27 13:05 - 000009378 _____ C:\Users\Administrator\Desktop\FRST.txt
2019-04-27 13:04 - 2019-04-27 13:04 - 002430464 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2019-04-27 13:04 - 2019-04-27 13:04 - 000000000 ____D C:\FRST
2019-04-27 12:49 - 2018-09-15 09:29 - 000001164 _____ C:\Users\Administrator\Desktop\Správa počítače.lnk
2019-04-27 12:49 - 2018-09-15 09:29 - 000001158 _____ C:\Users\Administrator\Desktop\Služby.lnk
2019-04-27 12:37 - 2019-04-27 12:37 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-26 17:38 - 2019-04-26 17:39 - 000000000 ____D C:\AdwCleaner
2019-04-26 17:01 - 2019-03-12 08:31 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-26 17:01 - 2019-03-12 08:31 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-26 16:32 - 2019-04-19 20:58 - 007025360 _____ (Malwarebytes) C:\Users\Administrator\Desktop\adwcleaner_7.3.exe
2019-04-26 15:59 - 2019-04-26 15:59 - 000003490 _____ C:\Windows\System32\Tasks\Disable LockScreen
2019-04-26 15:43 - 2019-04-26 15:43 - 000001765 _____ C:\Users\Public\Desktop\Defraggler.lnk
2019-04-26 15:43 - 2019-04-26 15:43 - 000001379 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\Program Files\Defraggler
2019-04-26 15:29 - 2019-04-26 15:30 - 000002294 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-26 15:29 - 2019-04-26 15:29 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-26 15:29 - 2019-04-26 15:29 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-26 15:29 - 2019-04-26 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-26 15:29 - 2019-04-26 15:29 - 000000000 ____D C:\Program Files\CCleaner
2019-04-26 15:27 - 2019-04-26 15:27 - 000000814 _____ C:\Users\Administrator\Desktop\Stažené soubory.lnk
2019-04-26 15:26 - 2019-04-26 15:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft_Corporation
2019-04-26 15:09 - 2019-04-26 15:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Google
2019-04-26 14:54 - 2019-04-26 15:32 - 000000000 ____D C:\ProgramData\Packages
2019-04-26 14:54 - 2019-04-26 14:55 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2019-04-26 14:51 - 2019-04-26 17:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2019-04-26 14:46 - 2019-04-26 16:29 - 000408534 __RSH C:\bootmgr
2019-04-26 14:46 - 2019-04-26 15:56 - 000000000 ____D C:\Windows\Panther
2019-04-26 14:46 - 2019-04-26 14:46 - 000008192 __RSH C:\BOOTSECT.BAK
2019-04-26 14:46 - 2018-09-15 09:28 - 000000001 ___SH C:\BOOTNXT
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\Program Files\AMD
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\AMD
2019-04-26 14:39 - 2019-04-26 14:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\DBG
2019-04-26 14:28 - 2019-04-26 14:28 - 000000000 ____D C:\Program Files\Elantech
2019-04-26 14:26 - 2019-04-26 15:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2019-04-26 14:26 - 2019-04-26 15:30 - 000002406 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2019-04-26 14:26 - 2019-04-26 15:30 - 000002340 _____ C:\Windows\System32\Tasks\RTKCPL
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Windows\system32\SRSLabs
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Program Files\Realtek
2019-04-26 14:24 - 2019-04-26 14:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-04-26 14:23 - 2019-04-26 15:30 - 000003458 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 14:23 - 2019-04-26 15:30 - 000003234 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-26 14:23 - 2019-04-26 14:23 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-26 14:23 - 2019-04-26 14:23 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-26 14:23 - 2019-04-26 14:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-26 14:21 - 2019-04-26 14:21 - 000000000 _____ C:\Windows\ativpsrm.bin
2019-04-26 14:17 - 2019-04-26 14:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-04-26 14:16 - 2019-04-26 16:02 - 000000000 ____D C:\Users\Administrator
2019-04-26 14:16 - 2019-04-26 15:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-04-26 14:16 - 2019-04-26 14:16 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Šablony
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Poslední
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ___RD C:\Users\Administrator\3D Objects
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2019-04-26 14:06 - 2019-04-26 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-26 14:05 - 2019-04-27 12:53 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-26 14:02 - 2019-03-12 08:29 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Šablony
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Poslední
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Šablony
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Plocha
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Documents and Settings
2019-04-26 13:51 - 2019-04-26 13:51 - 000000000 ____D C:\ProgramData\USOShared
2019-04-26 13:49 - 2019-04-26 13:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-04-26 13:49 - 2019-04-26 13:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-04-26 13:48 - 2019-04-27 12:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-26 13:48 - 2019-04-27 12:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-26 13:48 - 2019-04-26 17:01 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-26 13:48 - 2019-04-26 13:48 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 12:59 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 12:53 - 2018-09-15 19:32 - 000683600 _____ C:\Windows\system32\perfh005.dat
2019-04-27 12:53 - 2018-09-15 19:32 - 000137282 _____ C:\Windows\system32\perfc005.dat
2019-04-27 12:53 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-04-27 12:47 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-27 09:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\appcompat
2019-04-26 17:19 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-04-26 17:19 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\servicing
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-04-26 16:56 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\system32\Dism
2019-04-26 15:48 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-26 15:39 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-04-26 15:38 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-26 14:53 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ServiceState
2019-04-26 14:46 - 2018-09-15 09:31 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-26 14:21 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-04-26 14:17 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-04-26 14:03 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\spool
2019-04-26 13:58 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\windows nt
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows\PrintDialog
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-04-26 13:49 - 2018-09-15 08:09 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-04-22 10:38 - 2009-08-19 07:23 - 000143472 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys
2019-04-22 10:38 - 2008-05-15 10:53 - 000110080 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
Ran by Administrator (27-04-2019 13:06:24)
Running from C:\Users\Administrator\Desktop
Windows 10 Home Version 1809 17763.379 (X64) (2019-04-26 12:03:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2022166433-305305047-2106649634-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2022166433-305305047-2106649634-503 - Limited - Disabled)
Guest (S-1-5-21-2022166433-305305047-2106649634-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2022166433-305305047-2106649634-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.108 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Skype verze 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2022166433-305305047-2106649634-500\Control Panel\Desktop\\Wallpaper -> E:\Asus notebook\494096.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2022166433-305305047-2106649634-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2022166433-305305047-2106649634-500\...\StartupApproved\Run: => "Uninstall 18.143.0717.0002"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ADC745BE-ED43-4AB1-93F8-D3221DB9A76F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{5B83019C-B3AF-4A47-B769-9539059EEA3F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{503B9E3C-CD02-42D5-9CF1-AFB9C4DB6ED6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2019 12:24:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1794
Čas spuštění: 01d4fce351614478
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 4dcdec6b-1bfa-4940-8665-c51a254f6caa
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
System errors:
=============
Error: (04/27/2019 12:54:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:50:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:39:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:32:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:32:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 09:31:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/26/2019 05:13:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/26/2019 04:44:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
BIOS: American Megatrends Inc. K52De.210 01/27/2011
Motherboard: ASUSTeK Computer Inc. K52De
Processor: AMD Athlon(tm) II P360 Dual-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 4093.82 MB
Available physical RAM: 2042.46 MB
Total Virtual: 5501.82 MB
Available Virtual: 3536.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.08 GB) (Free:80.38 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (DOKUMENTY) (Fixed) (Total:498.51 GB) (Free:461.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1B64FBCC)
Partition 1: (Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.04.2019
Ran by Administrator (administrator) on DESKTOP-EVP3R8N (ASUSTeK Computer Inc. K52De) (27-04-2019 13:04:18)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator (Available Profiles: Administrator)
Platform: Windows 10 Home Version 1809 17763.379 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.108\Installer\chrmstp.exe [2019-04-26] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1846BC3C-4986-4530-B9EF-F1FB84B2882F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {369DF039-4558-4E48-9A68-38AAB31881E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3C4EDEC7-2753-4D64-93E5-C65870F6EE8E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {586D7BAF-8D29-4027-B5CB-E4BA899B7780} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {8BE8D004-ABD2-4A34-9FDE-457AD8054260} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {BD657761-87C6-400A-8963-6A23FC910A07} - System32\Tasks\Disable LockScreen => reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
Task: {C20D1383-E712-4E8F-8183-85748BE10FA6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{77657a93-91e1-40ae-993e-95030aad4e66}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-26] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-26] (Google Inc -> Google LLC)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2019-04-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-26]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [315664 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 NETJME; C:\Windows\System32\drivers\NETJME.sys [137728 2018-09-15] (Microsoft Windows -> JMicron Technology Corp.)
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 13:04 - 2019-04-27 13:05 - 000009378 _____ C:\Users\Administrator\Desktop\FRST.txt
2019-04-27 13:04 - 2019-04-27 13:04 - 002430464 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2019-04-27 13:04 - 2019-04-27 13:04 - 000000000 ____D C:\FRST
2019-04-27 12:49 - 2018-09-15 09:29 - 000001164 _____ C:\Users\Administrator\Desktop\Správa počítače.lnk
2019-04-27 12:49 - 2018-09-15 09:29 - 000001158 _____ C:\Users\Administrator\Desktop\Služby.lnk
2019-04-27 12:37 - 2019-04-27 12:37 - 000000000 ____D C:\Windows\LastGood.Tmp
2019-04-26 17:38 - 2019-04-26 17:39 - 000000000 ____D C:\AdwCleaner
2019-04-26 17:01 - 2019-03-12 08:31 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-04-26 17:01 - 2019-03-12 08:31 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-26 16:32 - 2019-04-19 20:58 - 007025360 _____ (Malwarebytes) C:\Users\Administrator\Desktop\adwcleaner_7.3.exe
2019-04-26 15:59 - 2019-04-26 15:59 - 000003490 _____ C:\Windows\System32\Tasks\Disable LockScreen
2019-04-26 15:43 - 2019-04-26 15:43 - 000001765 _____ C:\Users\Public\Desktop\Defraggler.lnk
2019-04-26 15:43 - 2019-04-26 15:43 - 000001379 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2019-04-26 15:43 - 2019-04-26 15:43 - 000000000 ____D C:\Program Files\Defraggler
2019-04-26 15:29 - 2019-04-26 15:30 - 000002294 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-04-26 15:29 - 2019-04-26 15:29 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-26 15:29 - 2019-04-26 15:29 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-26 15:29 - 2019-04-26 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-26 15:29 - 2019-04-26 15:29 - 000000000 ____D C:\Program Files\CCleaner
2019-04-26 15:27 - 2019-04-26 15:27 - 000000814 _____ C:\Users\Administrator\Desktop\Stažené soubory.lnk
2019-04-26 15:26 - 2019-04-26 15:26 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft_Corporation
2019-04-26 15:09 - 2019-04-26 15:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Google
2019-04-26 14:54 - 2019-04-26 15:32 - 000000000 ____D C:\ProgramData\Packages
2019-04-26 14:54 - 2019-04-26 14:55 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2019-04-26 14:51 - 2019-04-26 17:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2019-04-26 14:46 - 2019-04-26 16:29 - 000408534 __RSH C:\bootmgr
2019-04-26 14:46 - 2019-04-26 15:56 - 000000000 ____D C:\Windows\Panther
2019-04-26 14:46 - 2019-04-26 14:46 - 000008192 __RSH C:\BOOTSECT.BAK
2019-04-26 14:46 - 2018-09-15 09:28 - 000000001 ___SH C:\BOOTNXT
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\Program Files\AMD
2019-04-26 14:41 - 2019-04-26 14:41 - 000000000 ____D C:\AMD
2019-04-26 14:39 - 2019-04-26 14:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\DBG
2019-04-26 14:28 - 2019-04-26 14:28 - 000000000 ____D C:\Program Files\Elantech
2019-04-26 14:26 - 2019-04-26 15:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2019-04-26 14:26 - 2019-04-26 15:30 - 000002406 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2019-04-26 14:26 - 2019-04-26 15:30 - 000002340 _____ C:\Windows\System32\Tasks\RTKCPL
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Windows\system32\SRSLabs
2019-04-26 14:26 - 2019-04-26 14:26 - 000000000 ____D C:\Program Files\Realtek
2019-04-26 14:24 - 2019-04-26 14:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2019-04-26 14:23 - 2019-04-26 15:30 - 000003458 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 14:23 - 2019-04-26 15:30 - 000003234 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-26 14:23 - 2019-04-26 14:23 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-26 14:23 - 2019-04-26 14:23 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-26 14:23 - 2019-04-26 14:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-26 14:21 - 2019-04-26 14:21 - 000000000 _____ C:\Windows\ativpsrm.bin
2019-04-26 14:17 - 2019-04-26 14:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-04-26 14:16 - 2019-04-26 16:02 - 000000000 ____D C:\Users\Administrator
2019-04-26 14:16 - 2019-04-26 15:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-04-26 14:16 - 2019-04-26 14:16 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Šablony
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Poslední
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ___RD C:\Users\Administrator\3D Objects
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-04-26 14:16 - 2019-04-26 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2019-04-26 14:06 - 2019-04-26 14:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-04-26 14:05 - 2019-04-27 12:53 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-26 14:02 - 2019-03-12 08:29 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Šablony
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Poslední
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Šablony
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Plocha
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-04-26 13:58 - 2019-04-26 13:58 - 000000000 _SHDL C:\Documents and Settings
2019-04-26 13:51 - 2019-04-26 13:51 - 000000000 ____D C:\ProgramData\USOShared
2019-04-26 13:49 - 2019-04-26 13:49 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2019-04-26 13:49 - 2019-04-26 13:49 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-04-26 13:48 - 2019-04-27 12:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-26 13:48 - 2019-04-27 12:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-04-26 13:48 - 2019-04-26 17:01 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-26 13:48 - 2019-04-26 13:48 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-27 12:59 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-27 12:53 - 2018-09-15 19:32 - 000683600 _____ C:\Windows\system32\perfh005.dat
2019-04-27 12:53 - 2018-09-15 19:32 - 000137282 _____ C:\Windows\system32\perfc005.dat
2019-04-27 12:53 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-04-27 12:47 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-04-27 09:30 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\appcompat
2019-04-26 17:19 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-04-26 17:19 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\servicing
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\oobe
2019-04-26 16:56 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-04-26 16:56 - 2018-09-15 08:09 - 000000000 ____D C:\Windows\system32\Dism
2019-04-26 15:48 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-04-26 15:39 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-04-26 15:38 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-26 14:53 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ServiceState
2019-04-26 14:46 - 2018-09-15 09:31 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-04-26 14:21 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-04-26 14:17 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2019-04-26 14:03 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\spool
2019-04-26 13:58 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\windows nt
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows\PrintDialog
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2019-04-26 13:51 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\USOPrivate
2019-04-26 13:49 - 2018-09-15 08:09 - 000032768 _____ C:\Windows\system32\config\ELAM
2019-04-22 10:38 - 2009-08-19 07:23 - 000143472 _____ (JMicron Technology Corporation) C:\Windows\system32\Drivers\jmcr.sys
2019-04-22 10:38 - 2008-05-15 10:53 - 000110080 _____ (JMicron Technology Corporation) C:\Windows\system32\jmcricon.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.04.2019
Ran by Administrator (27-04-2019 13:06:24)
Running from C:\Users\Administrator\Desktop
Windows 10 Home Version 1809 17763.379 (X64) (2019-04-26 12:03:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2022166433-305305047-2106649634-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2022166433-305305047-2106649634-503 - Limited - Disabled)
Guest (S-1-5-21-2022166433-305305047-2106649634-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2022166433-305305047-2106649634-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.56 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.108 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Skype verze 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
USB 2.0 VGA UVC WebCam (HKLM\...\USB 2.0 VGA UVC WebCam) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2022166433-305305047-2106649634-500\Control Panel\Desktop\\Wallpaper -> E:\Asus notebook\494096.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2022166433-305305047-2106649634-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2022166433-305305047-2106649634-500\...\StartupApproved\Run: => "Uninstall 18.143.0717.0002"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ADC745BE-ED43-4AB1-93F8-D3221DB9A76F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{5B83019C-B3AF-4A47-B769-9539059EEA3F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{503B9E3C-CD02-42D5-9CF1-AFB9C4DB6ED6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/27/2019 12:24:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.17763.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1794
Čas spuštění: 01d4fce351614478
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 4dcdec6b-1bfa-4940-8665-c51a254f6caa
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
System errors:
=============
Error: (04/27/2019 12:54:48 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:50:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:39:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:32:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 12:32:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/27/2019 09:31:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/26/2019 05:13:30 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EVP3R8N)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-EVP3R8N\Administrator (SID: S-1-5-21-2022166433-305305047-2106649634-500) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/26/2019 04:44:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
BIOS: American Megatrends Inc. K52De.210 01/27/2011
Motherboard: ASUSTeK Computer Inc. K52De
Processor: AMD Athlon(tm) II P360 Dual-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 4093.82 MB
Available physical RAM: 2042.46 MB
Total Virtual: 5501.82 MB
Available Virtual: 3536.58 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.08 GB) (Free:80.38 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (DOKUMENTY) (Fixed) (Total:498.51 GB) (Free:461.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 1B64FBCC)
Partition 1: (Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=498.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================