Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

problém s ntb

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

problém s ntb

#1 Příspěvek od em&M »

Dobrý den,
posílám log z FRST. Poslední dva, tři dny mě teď zlobí notebook, připravovala a stahovala se mi nová aktualizace na win 10 1903 - ale nikdy nedoběhla do konce, ani po několika pokusech... a od té doby mi neustále padá Chrome, všechno se zasekne, zčerná obrazovka... a tvrdě restartuji pc.
Předem moc děkuji za pomoc a ochotu!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2019
Ran by Michaela (administrator) on ITSMISHKA (Hewlett-Packard HP ProBook 450 G2) (09-06-2019 12:50:44)
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available Profiles: Michaela)
Platform: Windows 10 Home Version 1809 17763.529 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Michaela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.73.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.503_none_7e5131134cd5bd73\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-04-29] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492472 2015-04-29] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exeaswBoot.exe /M:263415c5c /dir:"C:\Program Files\AVAST Software\Avast"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0689EBFF-ECC5-43A2-9B79-1285340F4443} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {10724B03-A585-41DA-92B9-9AC9FD906FEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {23E538B8-7E69-472B-BB49-5C6CEB1EE2F0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-itsmishkadoll@hotmail.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2B77C0D8-7769-4B6F-BA64-C651F1225048} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {3535407A-0666-4148-B45D-A1B965C2C68B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {3CACC943-99A2-4533-B0FE-A6426166DAE5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {4877E5D4-DA2E-476F-88D2-E54B87ABD171} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {498FBF6A-3C76-4E26-A3F2-8C72C0DAB9FE} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {53BFD8C9-7DB3-4FDA-84B1-6E8F6C08F38D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {563B3866-0883-47AA-A50E-D8207A5D9420} - System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Michaela\Desktop\win64_154010.4300.exe -d C:\Users\Michaela\Desktop
Task: {5F30864D-4746-48D2-B824-56CF2887F9C4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {632B33FA-8BC8-44CA-BB55-0916D43324AE} - System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Acro Software\CutePDF Writer\Setup64.exe" -c /uninstall
Task: {86FCF52F-8985-4FB4-BB98-E9EAEF9D4A8B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {991CFC20-163A-4E0F-9288-A2499B0B1BFC} - System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Easeware\DriverEasy\unins000.exe"
Task: {9996ADBF-58D7-4D18-BEE4-F0A3DFF8CFA6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
Task: {BBDFFC6E-78CE-4516-8862-F99B77B6FE2C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {CD536D89-31E0-4585-890E-2451D5F73E81} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [132445408 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC348339-E439-45A4-A9EA-D9BCFE8F1164} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF5545E6-DDCF-4047-9548-3734A7EA2C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{071e417d-5366-4968-ad75-886ab18d1a21}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2905897820-2961114574-241712703-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2905897820-2961114574-241712703-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: a5zdyp94.default
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default [2019-05-29]
FF Extension: (AdBlock) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-12-09]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\sp@avast.com.xpi [2019-06-02]
FF Extension: (Avast Online Security) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\wrc@avast.com.xpi [2018-06-24]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default [2019-06-09]
CHR Extension: (Prezentace) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (hxxp://translate.google.cz/) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlagfghnfgpjkanemnddagekadalamm [2016-01-18]
CHR Extension: (Dokumenty) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-06-04]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2019-03-16]
CHR Extension: (Facebook Disconnect) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-01-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Tabulky) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (AdBlock) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-31]
CHR Extension: (Avast Online Security) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-05]
CHR Extension: (Momentum) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2019-06-02]
CHR Extension: (hxxp://www.uloz.to/) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\liebfmmaockegjmndodagbpdbgjihpie [2016-01-18]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2019-05-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-09]
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2017-03-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe [674208 2018-10-29] (HP Inc. -> HP Inc.)
S2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe [583584 2018-10-29] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2017-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2018-09-15] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [49184 2018-10-20] (HP Inc. -> HP Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-12] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3595472 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [772336 2015-11-11] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-28] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 12:50 - 2019-06-09 12:54 - 000031379 _____ C:\Users\Michaela\Desktop\FRST.txt
2019-06-09 12:48 - 2019-06-09 12:49 - 002417664 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2019-06-09 12:44 - 2019-06-09 12:44 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-06-09 09:47 - 2019-06-09 09:47 - 000077824 ____N C:\WINDOWS\KMSEmulator.exe
2019-06-07 19:26 - 2019-06-07 19:26 - 000000000 ___HD C:\$WINDOWS.~BT
2019-06-02 15:01 - 2019-06-02 15:01 - 000000000 ___HD C:\OneDriveTemp
2019-06-02 13:52 - 2019-06-02 13:52 - 026809856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 018999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-02 13:52 - 2019-06-02 13:52 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-02 13:52 - 2019-06-02 13:52 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-02 13:52 - 2019-06-02 13:52 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-02 13:51 - 2019-06-02 13:51 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-02 13:51 - 2019-06-02 13:51 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001229312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-02 13:07 - 2019-06-02 14:55 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-05-29 16:35 - 2019-05-29 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-05-29 16:34 - 2019-05-29 16:34 - 000000000 ____D C:\Program Files\iPod
2019-05-29 16:33 - 2019-05-29 16:34 - 000000000 ____D C:\Program Files\iTunes
2019-05-28 16:33 - 2019-05-28 16:32 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-23 15:37 - 2019-05-23 15:37 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-23 15:36 - 2019-05-23 15:36 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-23 15:36 - 2019-05-23 15:36 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-23 15:36 - 2019-05-23 15:36 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 12:50 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-09 12:50 - 2016-08-24 16:44 - 000000000 ____D C:\FRST
2019-06-09 12:49 - 2015-11-11 09:00 - 000000000 ___RD C:\Users\Michaela\OneDrive
2019-06-09 12:39 - 2017-05-26 10:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-09 12:39 - 2015-11-11 08:56 - 000000000 __SHD C:\Users\Michaela\IntelGraphicsProfiles
2019-06-09 12:38 - 2019-01-01 18:27 - 000000000 ____D C:\Users\Michaela
2019-06-09 12:37 - 2019-01-01 18:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-09 12:37 - 2019-01-01 18:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-09 12:37 - 2017-05-26 10:08 - 000000000 ____D C:\ProgramData\Synaptics
2019-06-09 12:32 - 2015-11-12 22:06 - 000000000 ____D C:\Users\Michaela\AppData\Local\CrashDumps
2019-06-09 11:01 - 2019-01-01 18:54 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-09 11:01 - 2019-01-01 18:54 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-09 11:01 - 2019-01-01 18:54 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-09 11:01 - 2019-01-01 18:54 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905897820-2961114574-241712703-1001
2019-06-09 11:01 - 2019-01-01 18:54 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905897820-2961114574-241712703-1004
2019-06-09 11:01 - 2019-01-01 18:54 - 000002812 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-itsmishkadoll@hotmail.cz
2019-06-09 11:01 - 2019-01-01 18:54 - 000002510 _____ C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware
2019-06-09 11:01 - 2019-01-01 18:54 - 000002300 _____ C:\WINDOWS\System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7}
2019-06-09 11:01 - 2019-01-01 18:54 - 000002294 _____ C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5}
2019-06-09 11:01 - 2019-01-01 18:54 - 000002244 _____ C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198}
2019-06-09 10:57 - 2019-01-01 18:54 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-06-09 10:16 - 2016-08-24 12:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-09 09:47 - 2015-11-15 16:23 - 000000161 _____ C:\WINDOWS\AutoKMS.ini
2019-06-09 09:38 - 2018-09-15 08:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-08 18:57 - 2015-11-12 19:51 - 000000000 ____D C:\Users\Michaela\AppData\Roaming\vlc
2019-06-08 10:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-08 08:31 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-07 19:27 - 2019-01-01 12:44 - 000000000 ___DC C:\WINDOWS\Panther
2019-06-07 17:45 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-07 16:05 - 2019-01-01 18:54 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-06 16:15 - 2018-06-06 12:08 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-03 16:15 - 2018-06-06 12:08 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 15:01 - 2019-01-01 18:41 - 001740358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 15:01 - 2018-09-15 19:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-02 15:01 - 2018-09-15 19:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-02 14:57 - 2015-11-12 20:32 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-02 14:55 - 2015-11-12 20:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-02 14:17 - 2019-01-01 18:20 - 005045528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-02 14:12 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-02 14:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-02 14:05 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-02 13:01 - 2018-04-21 18:14 - 000000000 ____D C:\Program Files\OpenShot Video Editor
2019-06-02 12:53 - 2017-12-01 19:35 - 000000000 ____D C:\Users\Michaela\AppData\Local\Packages
2019-06-01 12:42 - 2018-12-26 18:06 - 000023963 _____ C:\Users\Michaela\Documents\BUDGET 2019.xlsx
2019-05-31 18:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-30 18:35 - 2018-06-06 12:08 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-30 18:09 - 2019-01-01 18:27 - 000002377 _____ C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-28 17:06 - 2019-04-17 16:00 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 17:06 - 2019-04-17 16:00 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 17:06 - 2018-04-11 19:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 17:06 - 2018-04-11 19:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 16:33 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-28 16:32 - 2019-02-21 18:34 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-28 16:32 - 2019-01-14 17:16 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-28 16:32 - 2018-10-28 13:48 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-26 13:27 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-26 13:12 - 2018-07-09 21:02 - 000000000 ____D C:\ProgramData\Packages
2019-05-24 06:06 - 2015-11-14 14:51 - 000000000 ____D C:\Users\Michaela\AppData\Local\ElevatedDiagnostics
2019-05-16 16:46 - 2015-11-16 19:10 - 000000000 ____D C:\Users\Michaela\AppData\Roaming\uTorrent
2019-05-15 16:09 - 2019-02-16 09:27 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-15 16:09 - 2019-02-16 09:27 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-15 16:09 - 2015-11-11 09:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 16:04 - 2015-11-11 09:37 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-15 15:56 - 2015-11-11 15:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-12 18:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories =======

2016-01-06 17:14 - 2017-12-23 16:24 - 000000132 _____ () C:\Users\Michaela\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-04-21 17:18 - 2018-04-21 17:18 - 000003584 _____ () C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-08 21:13 - 2016-02-08 21:13 - 000000000 _____ () C:\Users\Michaela\AppData\Local\{FCDCF938-BFA7-4FB3-B656-2C3DF44FBA49}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2019
Ran by Michaela (09-06-2019 12:56:11)
Running from C:\Users\Michaela\Desktop
Windows 10 Home Version 1809 17763.529 (X64) (2019-01-01 16:55:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2905897820-2961114574-241712703-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905897820-2961114574-241712703-503 - Limited - Disabled)
Guest (S-1-5-21-2905897820-2961114574-241712703-501 - Limited - Disabled)
Michaela (S-1-5-21-2905897820-2961114574-241712703-1001 - Administrator - Enabled) => C:\Users\Michaela
WDAGUtilityAccount (S-1-5-21-2905897820-2961114574-241712703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.131 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version: - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.5229 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.5229 - CyberLink Corp.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - HP)
HP Hotkey Support (HKLM-x32\...\{766FF18A-4032-48D0-8BEA-3CF73624BB69}) (Version: 6.2.4.1 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{BB51845C-10A6-457F-A215-9B2D3E130889}) (Version: 3.6.2.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{83421C73-4679-40F0-B590-20846CB893E0}) (Version: 9.0.1 - HP)
HP Support Information (HKLM-x32\...\{76272057-98E0-4DC4-AAC3-10C546C47195}) (Version: 14.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.10.49.21 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{FFAC0DB6-995F-41E6-BEA8-AB7ACEA6B774}) (Version: 1.0.1 - HP)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{7B81A249-0187-436C-9738-AF82DAA54822}) (Version: 12.9.5.7 - Apple Inc.)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.97 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B0CB33D8-1426-4D61-A4F6-BDFD7407AE92}) (Version: 4.5.307.0 - Synaptics)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)

Packages:
=========
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.11.0_x64__v10z8vjag6ke6 [2019-01-17] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-04-29] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-04-29] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-19 18:11 - 2015-05-19 18:11 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2015-06-24 01:00 - 2015-06-24 01:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000335872 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123simsen.com -> www.123simsen.com

There are 7937 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-04 16:38 - 000454356 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 15597 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2905897820-2961114574-241712703-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michaela\Pictures\bouquet-of-peonies-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4110B46D-A412-4870-ABB7-DBDA29D6714B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [TCP Query User{7184325F-E85F-48A1-9AEF-ED89130CE20C}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{FAE068E1-497A-4287-A6C9-DD172C95530C}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{8911D30D-AC6D-47D8-AF83-1B46291F0D0E}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{ABB3547E-F46E-490D-B82F-855E7705C1E9}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{4EAD6BD3-C783-482F-8CEF-5942939102C2}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{902BCFC0-8AD3-42A9-8F4E-588B36C29808}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9DB7067E-C5E0-43F6-B288-B9375B9A7D24}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E939B6F6-CEAB-44D3-94C7-FDB6FFA46FE5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B08F552A-683A-4D2F-86CA-79F5760EE0A1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [UDP Query User{DBE81A8C-6DF0-42AD-9612-6042037AC7D9}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [{29023CC9-4ACE-4AC3-98C6-F153757772DE}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{954E4E8C-8D56-4CF3-B8D7-BD25D617B7F4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{3D8685EA-A440-4BD5-A36C-E5DAADB5846C}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{62A03B00-B92C-4AB5-A338-B941995C9E7B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{FCDF75B4-4049-443B-AA73-02ED8E2A0F04}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{5C02E09D-0690-405C-9DCB-80FFDD4A91B5}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{176B9AE4-E3E8-4145-B0E6-AFE1E3B5250E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{523ACC22-91CD-476E-AF5E-EEB19693AF6B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{33214EC1-EF68-4EA0-8690-8A47E575E35E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{92DADD27-D4CA-400E-A20F-706D273E8185}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{92BE37BB-0942-4EF3-8809-289122B93B38}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{31735B08-C1BD-4E0A-9A32-BEB99906C140}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-05-2019 16:38:13 Naplánovaný kontrolní bod
30-05-2019 18:54:34 Naplánovaný kontrolní bod
08-06-2019 07:41:10 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2019 12:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x6a84
Čas spuštění chybující aplikace: 0x01d51eaeb400554e
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 292d571a-41e0-47d4-8255-114116422ffc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x69f4
Čas spuštění chybující aplikace: 0x01d51eaeb3210a49
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0d7ab08d-a2ec-4222-a361-68698cc4de42
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x696c
Čas spuštění chybující aplikace: 0x01d51eaeb21c9630
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 44ed5839-903a-4604-ac30-465ce6cf8ed3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x894
Čas spuštění chybující aplikace: 0x01d51eaeb11ef96d
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3e9c0513-0dcf-45d5-b1bd-bbc3ba48b7bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x3274
Čas spuštění chybující aplikace: 0x01d51eaea916b78e
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 173a429e-f7f2-4972-b650-603e3e6a0e88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: udwm.dll, verze: 10.0.17763.404, časové razítko: 0xc4744ab5
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000000b1c75
ID chybujícího procesu: 0x3370
Čas spuštění chybující aplikace: 0x01d51eaea52db7fc
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\udwm.dll
ID zprávy: 3cdb6970-3217-4d73-8d09-95fad9a97866
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x20c0
Čas spuštění chybující aplikace: 0x01d51eae9c024139
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e7f41b72-6b71-4305-aaba-adced360f99e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.17763.439, časové razítko: 0x5cc42eee
Název chybujícího modulu: wincorlib.DLL, verze: 10.0.17763.1, časové razítko: 0x6a55aa1e
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000000149fd
ID chybujícího procesu: 0x18fc
Čas spuštění chybující aplikace: 0x01d51eae916b3f0a
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\wincorlib.DLL
ID zprávy: 4827f77d-25dc-465d-882a-31f6686c83bd
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (06/09/2019 12:47:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (06/09/2019 12:44:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.

Error: (06/09/2019 12:41:21 PM) (Source: DCOM) (EventID: 10016) (User: ITSMISHKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ITSMISHKA\Michaela (SID: S-1-5-21-2905897820-2961114574-241712703-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/09/2019 12:41:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Support Solutions Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/09/2019 12:41:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Support Solutions Framework Service bylo dosaženo časového limitu (30000 ms).

Error: (06/09/2019 12:37:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:19:45, ‎09.‎06.‎2019) bylo neočekávané.

Error: (06/09/2019 12:30:54 PM) (Source: DCOM) (EventID: 10005) (User: ITSMISHKA)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess

Error: (06/09/2019 12:30:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Capability Access Manager neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2019-05-31 05:53:45.390
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.389
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.388
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.358
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.357
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-06-09 12:38:49.443
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.439
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.429
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.425
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.912
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.906
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.872
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.860
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard M73 Ver. 01.15 07/24/2015
Motherboard: Hewlett-Packard 2248
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 85%
Total physical RAM: 3987.11 MB
Available physical RAM: 586.45 MB
Total Virtual: 8083.11 MB
Available Virtual: 3305.38 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:913.6 GB) (Free:749.08 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:14.57 GB) (Free:1.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

\\?\Volume{69961a8a-791a-4af0-a4cc-b01415116d80}\ () (Fixed) (Total:0.85 GB) (Free:0.31 GB) NTFS
\\?\Volume{219cd572-d0dc-4546-a915-a2283f0e7829}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 319DBD81)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#3 Příspěvek od em&M »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-09-2019
# Duration: 00:00:19
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1466 octets] - [09/06/2019 14:20:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#5 Příspěvek od em&M »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2019
Ran by Michaela (administrator) on ITSMISHKA (Hewlett-Packard HP ProBook 450 G2) (09-06-2019 15:21:51)
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available Profiles: Michaela)
Platform: Windows 10 Home Version 1809 17763.529 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19051.545.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Michaela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-04-29] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492472 2015-04-29] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-09] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0689EBFF-ECC5-43A2-9B79-1285340F4443} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {10724B03-A585-41DA-92B9-9AC9FD906FEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {23E538B8-7E69-472B-BB49-5C6CEB1EE2F0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-itsmishkadoll@hotmail.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {2B77C0D8-7769-4B6F-BA64-C651F1225048} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {3535407A-0666-4148-B45D-A1B965C2C68B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1958568 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {3CACC943-99A2-4533-B0FE-A6426166DAE5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {4877E5D4-DA2E-476F-88D2-E54B87ABD171} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {498FBF6A-3C76-4E26-A3F2-8C72C0DAB9FE} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {53BFD8C9-7DB3-4FDA-84B1-6E8F6C08F38D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {563B3866-0883-47AA-A50E-D8207A5D9420} - System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Michaela\Desktop\win64_154010.4300.exe -d C:\Users\Michaela\Desktop
Task: {5F30864D-4746-48D2-B824-56CF2887F9C4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {632B33FA-8BC8-44CA-BB55-0916D43324AE} - System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Acro Software\CutePDF Writer\Setup64.exe" -c /uninstall
Task: {86FCF52F-8985-4FB4-BB98-E9EAEF9D4A8B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {991CFC20-163A-4E0F-9288-A2499B0B1BFC} - System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Easeware\DriverEasy\unins000.exe"
Task: {9996ADBF-58D7-4D18-BEE4-F0A3DFF8CFA6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
Task: {BBDFFC6E-78CE-4516-8862-F99B77B6FE2C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Task: {CD536D89-31E0-4585-890E-2451D5F73E81} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [132445408 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC348339-E439-45A4-A9EA-D9BCFE8F1164} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF5545E6-DDCF-4047-9548-3734A7EA2C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{071e417d-5366-4968-ad75-886ab18d1a21}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2905897820-2961114574-241712703-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2905897820-2961114574-241712703-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: a5zdyp94.default
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default [2019-05-29]
FF Extension: (AdBlock) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-12-09]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\sp@avast.com.xpi [2019-06-02]
FF Extension: (Avast Online Security) - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\a5zdyp94.default\Extensions\wrc@avast.com.xpi [2018-06-24]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR NewTab: Default -> Active:"chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default [2019-06-09]
CHR Extension: (Prezentace) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (hxxp://translate.google.cz/) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlagfghnfgpjkanemnddagekadalamm [2016-01-18]
CHR Extension: (Dokumenty) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-28]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-06-04]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-18]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2019-03-16]
CHR Extension: (Facebook Disconnect) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpepffjfmamnambagiibghpglaidiec [2016-01-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Tabulky) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-06]
CHR Extension: (AdBlock) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-05-31]
CHR Extension: (Avast Online Security) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-05]
CHR Extension: (Momentum) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2019-06-02]
CHR Extension: (hxxp://www.uloz.to/) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\liebfmmaockegjmndodagbpdbgjihpie [2016-01-18]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2019-05-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-31]
CHR Extension: (Chrome Media Router) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-09]
CHR Profile: C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\System Profile [2018-02-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.131\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22528 2017-03-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\HotKeyServiceUWP.exe [674208 2018-10-29] (HP Inc. -> HP Inc.)
S2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_b1c728d4cdf312e2\LanWlanWwanSwitchingServiceUWP.exe [583584 2018-10-29] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312576 2016-05-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255584 2017-08-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82944 2017-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-02] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2018-09-15] (Microsoft Windows -> Windows (R) Win 7 DDK provider)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [49184 2018-10-20] (HP Inc. -> HP Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-05-12] (Malwarebytes Corporation -> Malwarebytes)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3595472 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [772336 2015-11-11] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-28] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2017-03-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33960 2015-06-12] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46680 2019-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [330936 2019-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 15:21 - 2019-06-09 15:27 - 000030959 _____ C:\Users\Michaela\Desktop\FRST.txt
2019-06-09 14:15 - 2019-06-09 14:15 - 007025360 _____ (Malwarebytes) C:\Users\Michaela\Desktop\AdwCleaner.exe
2019-06-09 12:48 - 2019-06-09 12:49 - 002417664 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2019-06-09 12:44 - 2019-06-09 12:44 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-06-09 09:47 - 2019-06-09 09:47 - 000077824 ____N C:\WINDOWS\KMSEmulator.exe
2019-06-07 19:26 - 2019-06-07 19:26 - 000000000 ___HD C:\$WINDOWS.~BT
2019-06-02 15:01 - 2019-06-02 15:01 - 000000000 ___HD C:\OneDriveTemp
2019-06-02 13:52 - 2019-06-02 13:52 - 026809856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 023439360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 018999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-02 13:52 - 2019-06-02 13:52 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-02 13:52 - 2019-06-02 13:52 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-02 13:52 - 2019-06-02 13:52 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-02 13:52 - 2019-06-02 13:52 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-02 13:52 - 2019-06-02 13:52 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-02 13:51 - 2019-06-02 13:51 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-02 13:51 - 2019-06-02 13:51 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-02 13:51 - 2019-06-02 13:51 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-02 13:51 - 2019-06-02 13:51 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-02 13:51 - 2019-06-02 13:51 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001229312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-02 13:50 - 2019-06-02 13:50 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-02 13:50 - 2019-06-02 13:50 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-02 13:50 - 2019-06-02 13:50 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-02 13:07 - 2019-06-02 14:55 - 000000085 _____ C:\WINDOWS\wininit.ini
2019-05-29 16:35 - 2019-05-29 16:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-05-29 16:34 - 2019-05-29 16:34 - 000000000 ____D C:\Program Files\iPod
2019-05-29 16:33 - 2019-05-29 16:34 - 000000000 ____D C:\Program Files\iTunes
2019-05-28 16:33 - 2019-05-28 16:32 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-23 15:37 - 2019-05-23 15:37 - 006072320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-23 15:37 - 2019-05-23 15:37 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 007879680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 004660736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003905536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-23 15:36 - 2019-05-23 15:36 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-23 15:36 - 2019-05-23 15:36 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-23 15:36 - 2019-05-23 15:36 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-23 15:36 - 2019-05-23 15:36 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-23 15:36 - 2019-05-23 15:36 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-23 15:36 - 2019-05-23 15:36 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-09 15:21 - 2016-08-24 16:44 - 000000000 ____D C:\FRST
2019-06-09 15:14 - 2019-01-01 18:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-09 15:14 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-09 14:26 - 2015-11-11 09:00 - 000000000 ___RD C:\Users\Michaela\OneDrive
2019-06-09 14:23 - 2019-01-01 18:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-09 14:23 - 2017-05-26 10:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-09 14:23 - 2017-05-26 10:08 - 000000000 ____D C:\ProgramData\Synaptics
2019-06-09 14:23 - 2015-11-11 08:56 - 000000000 __SHD C:\Users\Michaela\IntelGraphicsProfiles
2019-06-09 14:22 - 2018-09-15 08:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-09 14:21 - 2019-01-01 18:27 - 000000000 ____D C:\Users\Michaela
2019-06-09 14:20 - 2016-01-03 16:01 - 000000000 ____D C:\AdwCleaner
2019-06-09 12:32 - 2015-11-12 22:06 - 000000000 ____D C:\Users\Michaela\AppData\Local\CrashDumps
2019-06-09 11:01 - 2019-01-01 18:54 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-06-09 11:01 - 2019-01-01 18:54 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-09 11:01 - 2019-01-01 18:54 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-09 11:01 - 2019-01-01 18:54 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905897820-2961114574-241712703-1001
2019-06-09 11:01 - 2019-01-01 18:54 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905897820-2961114574-241712703-1004
2019-06-09 11:01 - 2019-01-01 18:54 - 000002812 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-itsmishkadoll@hotmail.cz
2019-06-09 11:01 - 2019-01-01 18:54 - 000002510 _____ C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware
2019-06-09 11:01 - 2019-01-01 18:54 - 000002300 _____ C:\WINDOWS\System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7}
2019-06-09 11:01 - 2019-01-01 18:54 - 000002294 _____ C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5}
2019-06-09 11:01 - 2019-01-01 18:54 - 000002244 _____ C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198}
2019-06-09 11:01 - 2019-01-01 18:54 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-06-09 10:16 - 2016-08-24 12:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-09 09:47 - 2015-11-15 16:23 - 000000161 _____ C:\WINDOWS\AutoKMS.ini
2019-06-08 18:57 - 2015-11-12 19:51 - 000000000 ____D C:\Users\Michaela\AppData\Roaming\vlc
2019-06-08 10:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-08 08:31 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-07 19:27 - 2019-01-01 12:44 - 000000000 ___DC C:\WINDOWS\Panther
2019-06-07 17:45 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-07 16:05 - 2019-01-01 18:54 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-06 16:15 - 2018-06-06 12:08 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-03 16:15 - 2018-06-06 12:08 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 15:01 - 2019-01-01 18:41 - 001740358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-02 15:01 - 2018-09-15 19:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-02 15:01 - 2018-09-15 19:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-02 14:57 - 2015-11-12 20:32 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-06-02 14:55 - 2015-11-12 20:32 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-06-02 14:17 - 2019-01-01 18:20 - 005045528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-02 14:12 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-02 14:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-02 14:05 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-02 13:01 - 2018-04-21 18:14 - 000000000 ____D C:\Program Files\OpenShot Video Editor
2019-06-02 12:53 - 2017-12-01 19:35 - 000000000 ____D C:\Users\Michaela\AppData\Local\Packages
2019-06-01 12:42 - 2018-12-26 18:06 - 000023963 _____ C:\Users\Michaela\Documents\BUDGET 2019.xlsx
2019-05-31 18:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-30 18:35 - 2018-06-06 12:08 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-30 18:09 - 2019-01-01 18:27 - 000002377 _____ C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-28 17:06 - 2019-04-17 16:00 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-05-28 17:06 - 2019-04-17 16:00 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-05-28 17:06 - 2018-04-11 19:25 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-28 17:06 - 2018-04-11 19:25 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-05-28 16:33 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-28 16:32 - 2019-02-21 18:34 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-28 16:32 - 2019-01-14 17:16 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-28 16:32 - 2019-01-07 17:32 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-28 16:32 - 2018-10-28 13:48 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-28 16:32 - 2018-06-06 12:08 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-26 13:27 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-26 13:12 - 2018-07-09 21:02 - 000000000 ____D C:\ProgramData\Packages
2019-05-24 06:06 - 2015-11-14 14:51 - 000000000 ____D C:\Users\Michaela\AppData\Local\ElevatedDiagnostics
2019-05-16 16:46 - 2015-11-16 19:10 - 000000000 ____D C:\Users\Michaela\AppData\Roaming\uTorrent
2019-05-15 16:09 - 2019-02-16 09:27 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-15 16:09 - 2019-02-16 09:27 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-15 16:09 - 2015-11-11 09:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-15 16:04 - 2015-11-11 09:37 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-15 15:56 - 2015-11-11 15:29 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-12 18:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories =======

2016-01-06 17:14 - 2017-12-23 16:24 - 000000132 _____ () C:\Users\Michaela\AppData\Roaming\Adobe PNG Format CS5 Prefs
2018-04-21 17:18 - 2018-04-21 17:18 - 000003584 _____ () C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-08 21:13 - 2016-02-08 21:13 - 000000000 _____ () C:\Users\Michaela\AppData\Local\{FCDCF938-BFA7-4FB3-B656-2C3DF44FBA49}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2019
Ran by Michaela (09-06-2019 15:30:18)
Running from C:\Users\Michaela\Desktop
Windows 10 Home Version 1809 17763.529 (X64) (2019-01-01 16:55:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2905897820-2961114574-241712703-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905897820-2961114574-241712703-503 - Limited - Disabled)
Guest (S-1-5-21-2905897820-2961114574-241712703-501 - Limited - Disabled)
Michaela (S-1-5-21-2905897820-2961114574-241712703-1001 - Administrator - Enabled) => C:\Users\Michaela
WDAGUtilityAccount (S-1-5-21-2905897820-2961114574-241712703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.10 beta (x64) (HKLM\...\7-Zip) (Version: 15.10 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.131 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version: - )
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.5229 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.5229 - CyberLink Corp.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.80 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: - HP)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - HP)
HP Hotkey Support (HKLM-x32\...\{766FF18A-4032-48D0-8BEA-3CF73624BB69}) (Version: 6.2.4.1 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8293.5264 - Hewlett-Packard)
HP SoftPaq Download Manager (HKLM-x32\...\{BB51845C-10A6-457F-A215-9B2D3E130889}) (Version: 3.6.2.0 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{83421C73-4679-40F0-B590-20846CB893E0}) (Version: 9.0.1 - HP)
HP Support Information (HKLM-x32\...\{76272057-98E0-4DC4-AAC3-10C546C47195}) (Version: 14.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.10.49.21 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{FFAC0DB6-995F-41E6-BEA8-AB7ACEA6B774}) (Version: 1.0.1 - HP)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{7B81A249-0187-436C-9738-AF82DAA54822}) (Version: 12.9.5.7 - Apple Inc.)
K-Lite Codec Pack 10.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.97 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7818 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B0CB33D8-1426-4D61-A4F6-BDFD7407AE92}) (Version: 4.5.307.0 - Synaptics)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)

Packages:
=========
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.11.0_x64__v10z8vjag6ke6 [2019-01-17] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-04-29] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-04-29] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd -> Piriform Ltd)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-19 18:11 - 2015-05-19 18:11 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-06-24 01:00 - 2015-06-24 01:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000285696 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000335872 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2905897820-2961114574-241712703-1001\...\123simsen.com -> www.123simsen.com

There are 7935 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-04 16:38 - 000454356 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 15597 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2905897820-2961114574-241712703-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michaela\Pictures\bouquet-of-peonies-wallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{4110B46D-A412-4870-ABB7-DBDA29D6714B}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [TCP Query User{7184325F-E85F-48A1-9AEF-ED89130CE20C}C:\windows\kmsemulator.exe] => (Block) C:\windows\kmsemulator.exe () [File not signed]
FirewallRules: [UDP Query User{FAE068E1-497A-4287-A6C9-DD172C95530C}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{8911D30D-AC6D-47D8-AF83-1B46291F0D0E}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{ABB3547E-F46E-490D-B82F-855E7705C1E9}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{4EAD6BD3-C783-482F-8CEF-5942939102C2}C:\users\michaela\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\michaela\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{902BCFC0-8AD3-42A9-8F4E-588B36C29808}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{9DB7067E-C5E0-43F6-B288-B9375B9A7D24}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E939B6F6-CEAB-44D3-94C7-FDB6FFA46FE5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B08F552A-683A-4D2F-86CA-79F5760EE0A1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [UDP Query User{DBE81A8C-6DF0-42AD-9612-6042037AC7D9}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [{29023CC9-4ACE-4AC3-98C6-F153757772DE}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{954E4E8C-8D56-4CF3-B8D7-BD25D617B7F4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{3D8685EA-A440-4BD5-A36C-E5DAADB5846C}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{62A03B00-B92C-4AB5-A338-B941995C9E7B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{FCDF75B4-4049-443B-AA73-02ED8E2A0F04}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{5C02E09D-0690-405C-9DCB-80FFDD4A91B5}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{176B9AE4-E3E8-4145-B0E6-AFE1E3B5250E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{523ACC22-91CD-476E-AF5E-EEB19693AF6B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{33214EC1-EF68-4EA0-8690-8A47E575E35E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{92DADD27-D4CA-400E-A20F-706D273E8185}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{92BE37BB-0942-4EF3-8809-289122B93B38}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{31735B08-C1BD-4E0A-9A32-BEB99906C140}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

21-05-2019 16:38:13 Naplánovaný kontrolní bod
30-05-2019 18:54:34 Naplánovaný kontrolní bod
08-06-2019 07:41:10 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2019 12:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x6a84
Čas spuštění chybující aplikace: 0x01d51eaeb400554e
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 292d571a-41e0-47d4-8255-114116422ffc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x69f4
Čas spuštění chybující aplikace: 0x01d51eaeb3210a49
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0d7ab08d-a2ec-4222-a361-68698cc4de42
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x696c
Čas spuštění chybující aplikace: 0x01d51eaeb21c9630
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 44ed5839-903a-4604-ac30-465ce6cf8ed3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x894
Čas spuštění chybující aplikace: 0x01d51eaeb11ef96d
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3e9c0513-0dcf-45d5-b1bd-bbc3ba48b7bb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x3274
Čas spuštění chybující aplikace: 0x01d51eaea916b78e
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 173a429e-f7f2-4972-b650-603e3e6a0e88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: udwm.dll, verze: 10.0.17763.404, časové razítko: 0xc4744ab5
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000000b1c75
ID chybujícího procesu: 0x3370
Čas spuštění chybující aplikace: 0x01d51eaea52db7fc
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\udwm.dll
ID zprávy: 3cdb6970-3217-4d73-8d09-95fad9a97866
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17763.1, časové razítko: 0xe52aabf3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x20c0
Čas spuštění chybující aplikace: 0x01d51eae9c024139
Cesta k chybující aplikaci: C:\WINDOWS\system32\dwm.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e7f41b72-6b71-4305-aaba-adced360f99e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/09/2019 12:32:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.17763.439, časové razítko: 0x5cc42eee
Název chybujícího modulu: wincorlib.DLL, verze: 10.0.17763.1, časové razítko: 0x6a55aa1e
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000000149fd
ID chybujícího procesu: 0x18fc
Čas spuštění chybující aplikace: 0x01d51eae916b3f0a
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\wincorlib.DLL
ID zprávy: 4827f77d-25dc-465d-882a-31f6686c83bd
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.17763.1_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (06/09/2019 03:09:25 PM) (Source: DCOM) (EventID: 10016) (User: ITSMISHKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ITSMISHKA\Michaela (SID: S-1-5-21-2905897820-2961114574-241712703-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/09/2019 02:39:56 PM) (Source: DCOM) (EventID: 10016) (User: ITSMISHKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ITSMISHKA\Michaela (SID: S-1-5-21-2905897820-2961114574-241712703-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/09/2019 02:30:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (06/09/2019 02:28:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service přestala během spouštění reagovat.

Error: (06/09/2019 02:26:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Support Solutions Framework Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (06/09/2019 02:26:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby HP Support Solutions Framework Service bylo dosaženo časového limitu (30000 ms).

Error: (06/09/2019 02:25:24 PM) (Source: DCOM) (EventID: 10016) (User: ITSMISHKA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ITSMISHKA\Michaela (SID: S-1-5-21-2905897820-2961114574-241712703-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/09/2019 02:22:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Apple Mobile Device Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
===================================
Date: 2019-05-31 05:53:45.390
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.389
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.388
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.358
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-05-31 05:53:45.357
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.2026.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-06-09 12:38:49.443
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.439
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.429
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-09 12:38:49.425
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.912
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.906
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.872
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-08 18:34:29.860
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Hewlett-Packard M73 Ver. 01.15 07/24/2015
Motherboard: Hewlett-Packard 2248
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 93%
Total physical RAM: 3987.11 MB
Available physical RAM: 258.07 MB
Total Virtual: 15712.85 MB
Available Virtual: 634.7 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:913.6 GB) (Free:741.65 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:14.57 GB) (Free:1.83 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32

\\?\Volume{69961a8a-791a-4af0-a4cc-b01415116d80}\ () (Fixed) (Total:0.85 GB) (Free:0.31 GB) NTFS
\\?\Volume{219cd572-d0dc-4546-a915-a2283f0e7829}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.27 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 319DBD81)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {563B3866-0883-47AA-A50E-D8207A5D9420} - System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Michaela\Desktop\win64_154010.4300.exe -d C:\Users\Michaela\Desktop
Task: {991CFC20-163A-4E0F-9288-A2499B0B1BFC} - System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Easeware\DriverEasy\unins000.exe"
Task: {A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
Task: {EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF5545E6-DDCF-4047-9548-3734A7EA2C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
C:\WINDOWS\KMSEmulator.exe
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7}
C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5}
C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198}
C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Michaela\AppData\Local\{FCDCF938-BFA7-4FB3-B656-2C3DF44FBA49}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{B08F552A-683A-4D2F-86CA-79F5760EE0A1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [UDP Query User{DBE81A8C-6DF0-42AD-9612-6042037AC7D9}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [{29023CC9-4ACE-4AC3-98C6-F153757772DE}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{954E4E8C-8D56-4CF3-B8D7-BD25D617B7F4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{3D8685EA-A440-4BD5-A36C-E5DAADB5846C}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{62A03B00-B92C-4AB5-A338-B941995C9E7B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{FCDF75B4-4049-443B-AA73-02ED8E2A0F04}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{5C02E09D-0690-405C-9DCB-80FFDD4A91B5}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{176B9AE4-E3E8-4145-B0E6-AFE1E3B5250E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#7 Příspěvek od em&M »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-06-2019
Ran by Michaela (09-06-2019 16:08:33) Run:1
Running from C:\Users\Michaela\Desktop
Loaded Profiles: Michaela (Available Profiles: Michaela)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {563B3866-0883-47AA-A50E-D8207A5D9420} - System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Michaela\Desktop\win64_154010.4300.exe -d C:\Users\Michaela\Desktop
Task: {991CFC20-163A-4E0F-9288-A2499B0B1BFC} - System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\Easeware\DriverEasy\unins000.exe"
Task: {A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
Task: {EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FF5545E6-DDCF-4047-9548-3734A7EA2C8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-08-24] (Google Inc -> Google Inc.)
C:\WINDOWS\KMSEmulator.exe
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7}
C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5}
C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198}
C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Michaela\AppData\Local\{FCDCF938-BFA7-4FB3-B656-2C3DF44FBA49}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{B08F552A-683A-4D2F-86CA-79F5760EE0A1}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [UDP Query User{DBE81A8C-6DF0-42AD-9612-6042037AC7D9}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe No File
FirewallRules: [{29023CC9-4ACE-4AC3-98C6-F153757772DE}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{954E4E8C-8D56-4CF3-B8D7-BD25D617B7F4}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe No File
FirewallRules: [{3D8685EA-A440-4BD5-A36C-E5DAADB5846C}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{62A03B00-B92C-4AB5-A338-B941995C9E7B}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe No File
FirewallRules: [{FCDF75B4-4049-443B-AA73-02ED8E2A0F04}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{5C02E09D-0690-405C-9DCB-80FFDD4A91B5}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe No File
FirewallRules: [{176B9AE4-E3E8-4145-B0E6-AFE1E3B5250E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{563B3866-0883-47AA-A50E-D8207A5D9420} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{563B3866-0883-47AA-A50E-D8207A5D9420} => removed successfully
C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{991CFC20-163A-4E0F-9288-A2499B0B1BFC} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{991CFC20-163A-4E0F-9288-A2499B0B1BFC} => removed successfully
C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{70A01191-9630-4112-BFB0-FB0CE9F9A198} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0D5713B-FBAB-4DD6-A7D9-0E6B08091905} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC8AC46A-DFE7-49A9-A28C-04FDBEE020FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FF5545E6-DDCF-4047-9548-3734A7EA2C8B}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FF5545E6-DDCF-4047-9548-3734A7EA2C8B} => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => removed successfully
C:\WINDOWS\KMSEmulator.exe => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\System32\Tasks\{A5EA487F-D976-4999-AE98-E42B7F1F52C7} => moved successfully
"C:\WINDOWS\System32\Tasks\{CA49ADF7-E731-4BD1-9FC0-0FABA3D31AA5}" => not found
"C:\WINDOWS\System32\Tasks\{70A01191-9630-4112-BFB0-FB0CE9F9A198}" => not found
C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Michaela\AppData\Local\{FCDCF938-BFA7-4FB3-B656-2C3DF44FBA49} => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B08F552A-683A-4D2F-86CA-79F5760EE0A1}C:\program files\openshot video editor\launch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DBE81A8C-6DF0-42AD-9612-6042037AC7D9}C:\program files\openshot video editor\launch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29023CC9-4ACE-4AC3-98C6-F153757772DE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{954E4E8C-8D56-4CF3-B8D7-BD25D617B7F4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D8685EA-A440-4BD5-A36C-E5DAADB5846C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62A03B00-B92C-4AB5-A338-B941995C9E7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCDF75B4-4049-443B-AA73-02ED8E2A0F04}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C02E09D-0690-405C-9DCB-80FFDD4A91B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{176B9AE4-E3E8-4145-B0E6-AFE1E3B5250E}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 153258139 B
Java, Flash, Steam htmlcache => 343 B
Windows/system/drivers => 18525607 B
Edge => 2869026 B
Chrome => 43510888 B
Firefox => 662378 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 867418962 B
systemprofile32 => 53733918 B
LocalService => 46510 B
LocalService => 0 B
NetworkService => 81757168 B
NetworkService => 0 B
Michaela => 58493821 B

RecycleBin => 108082 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:11:20 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#9 Příspěvek od em&M »

Moc děkuji.
Uvidíme, zatím nic nepadá... (jen je docela pomalý)

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#10 Příspěvek od em&M »

No, tak nic... zase všechno spadlo a vypla se mi obrazovka

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#11 Příspěvek od Rudy »

em&M píše:No, tak nic... zase všechno spadlo a vypla se mi obrazovka
Nechápu. Psal jste něco o nezdařené aktualizaci. Pokud můžete PC nastartovat alespoň do nouz. režimu, stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/ a přes Úpravy>Kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

em&M
Návštěvník
Návštěvník
Příspěvky: 29
Registrován: 16 led 2016 20:54

Re: problém s ntb

#12 Příspěvek od em&M »

----------------------------------------------------------------------------
CrystalDiskInfo 8.0.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 17763] (x64)
Date : 2019/06/09 18:00:03

-- Controller Map ----------------------------------------------------------
+ Intel(R) 9 Series Chipset Family SATA AHCI Controller [ATA]
- HGST HTS541010A9E680
- hp DVDRW GUB0N
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) HGST HTS541010A9E680 : 1000,2 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS541010A9E680
----------------------------------------------------------------------------
Model : HGST HTS541010A9E680
Firmware : JA0OA710
Serial Number : JA1080SB08EUHP
Disk Size : 1000,2 GB (8,4/137,4/1000,2/----)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 13975 hod.
Power On Count : 1938 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----
Drive Letter : C: D: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _96 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 166 100 _33 001200000001 Čas na roztočení ploten
04 _99 _99 __0 000000000794 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _69 _69 __0 000000003697 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 000000000792 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000400010000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _62 _61 _45 000026260026 Teplota toku vzduchu
BF _88 _88 __0 000000000C35 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000430043 Počet vypnutí disku
C1 _99 _99 __0 000000004B67 Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 4A41 3130 3830 5342 3038 4555 4850
020: 0003 4000 0004 4A41 304F 4137 3130 4847 5354 2048
030: 5453 3534 3130 3130 4139 4536 3830 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0008
070: 0000 0000 0000 0000 0000 001F 8D0E 0006 004C 004C
080: 03FC 0028 706B 7C69 6123 7069 BC49 6123 407F 0075
090: 0076 4080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 826C 5000 CCA8
110: A0C3 D6DB 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 2182 1CF1 7A00 0000 4000 2000 0009 0000
140: 0000 0405 0406 0703 0405 0000 0000 0000 0000 0000
150: 0000 0003 3048 4237 0000 2804 0000 5DBD 2388 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 6DB0 7470 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 AAA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 60 00 00 00 00 00 00 00 02 25
010: 00 64 64 00 00 00 00 00 00 00 03 23 00 A6 64 01
020: 00 00 00 12 00 00 04 32 00 63 63 94 07 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 2F
040: 00 64 64 00 00 00 00 00 00 00 08 25 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 45 45 97 36 00 00 00
060: 00 00 0A 33 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 63 63 92 07 00 00 00 00 00 B7 32 00 64 64 00
080: 00 00 00 00 00 00 B8 33 00 64 64 00 00 00 00 00
090: 00 00 BB 32 00 64 64 00 00 01 00 04 00 00 BC 32
0A0: 00 64 64 00 00 00 00 00 00 00 BE 22 00 3E 3D 26
0B0: 00 26 26 00 00 00 BF 32 00 58 58 35 0C 00 00 00
0C0: 00 00 C0 32 00 64 64 43 00 43 00 00 00 00 C1 32
0D0: 00 63 63 67 4B 00 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 36
100: 00 64 64 00 00 00 00 00 00 00 DF 2A 00 64 64 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 2D 00 01 51
170: 03 00 01 00 02 EC 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9C

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 B7 00 00 00 00 00
080: 00 00 00 00 00 00 B8 61 00 00 00 00 00 00 00 00
090: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 BC 00
0A0: 00 00 00 00 00 00 00 00 00 00 BE 2D 00 00 00 00
0B0: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
0C0: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C1 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: problém s ntb

#13 Příspěvek od Rudy »

Disk je v pořádku. Zkuste tedy obnovu systému k datu, kdy korektně fungoval. Možná dělá problém nekorektně nainstalovaná aktualizace. Pomalý chod a pády spíše nasvědčovaly problému s diskem.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět