Slow notebook - Windows reinstalled over Linux

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

#1 Post by Sirius »

Hello,

my mom has a notebook that came with Linux preinstalled when she bought it, but she wanted Windows 10 installed. My dad has exactly the same one, also reinstalled, yet he has no speed problems.

It should also be noted that after the installation one extra disk appeared, which is not physically in the notebook and which my dad does not have either, namely WINDRIVER (D:), which contains some folders from Acer.

Since she has almost nothing on the notebook apart from Adobe, Office, Chrome and Skype, I don't know what could be causing the problem.

I am attaching the RSIT log and would be glad for any advice. Thank you :)

Log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sněhurka at 2019-06-24 14:08:17
Microsoft Windows 10 Pro
System drive C: has 61 GB (13%) free of 473 GB
Total RAM: 3930 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:08:27, on 24.06.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Sněhurka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Sněhurka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Windows\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10031 bytes

======Listing Processes======








winlogon.exe


C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalService -p -s bthserv
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}

C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\System32\svchost.exe -k netsvcs -p -s BDESVC
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
"C:\Windows\system32\igfxEM.exe"
"C:\Windows\system32\igfxHK.exe"
"C:\Windows\system32\igfxTray.exe"
dashost.exe {7134f45b-555b-44dc-a7416185b31e794b}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\Windows\System32\drivers\AdminService.exe

"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager

"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19053.13.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=75.0.3770.100 --initial-client-data=0x208,0x20c,0x210,0x204,0x214,0x7ffe40783ef8,0x7ffe40783f08,0x7ffe40783f18
AvastUI.exe /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6696 --on-initialized-event-handle=728 --parent-handle=64 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --gpu-preferences=KAAAAAAAAADgAAAgAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=5319483546520932868 --mojo-platform-channel-handle=1856 --ignored=" --type=renderer " /prefetch:2
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=2411472504278135588 --mojo-platform-channel-handle=2292 /prefetch:8

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13272278011716925738 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17307326843720941389 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6312703309986587193 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6120 /prefetch:1




"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe"

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\system32\AUDIODG.EXE 0x438
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1852,6298576566950026079,8926787288455293957,131072 --disable-gpu-compositing --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14359990637087205562 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2352 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 768 772 780 8192 776
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Users\Sněhurka\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-04 166360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2018-09-15 83968]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-05-27 262024]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-05-04 2849872]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Sněhurka\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-06-15 1586488]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2016-10-12 2383040]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-06-24 14:08:17 ----D---- C:\rsit
2019-06-24 14:08:17 ----D---- C:\Program Files\trend micro
2019-06-24 13:24:56 ----HD---- C:\$AV_ASW
2019-06-24 13:23:05 ----A---- C:\Windows\OInstall.exe
2019-06-19 20:18:19 ----D---- C:\Program Files\UNP
2019-06-15 00:12:37 ----A---- C:\Windows\system32\fpfftResultsFile.txt
2019-06-13 23:44:34 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2019-06-13 23:44:33 ----A---- C:\Windows\SYSWOW64\Windows.Media.dll
2019-06-13 23:44:33 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2019-06-13 23:44:31 ----A---- C:\Windows\SYSWOW64\fveapibase.dll
2019-06-13 23:44:31 ----A---- C:\Windows\SYSWOW64\fveapi.dll
2019-06-13 23:44:31 ----A---- C:\Windows\system32\Windows.Media.dll
2019-06-13 23:44:31 ----A---- C:\Windows\system32\fveapibase.dll
2019-06-13 23:44:31 ----A---- C:\Windows\system32\fveapi.dll
2019-06-13 23:44:12 ----A---- C:\Windows\system32\HoloSI.PCShell.dll
2019-06-13 23:44:11 ----A---- C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-13 23:44:10 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-06-13 23:44:10 ----A---- C:\Windows\system32\AssignedAccessManager.dll
2019-06-13 23:44:09 ----A---- C:\Windows\SYSWOW64\EdgeManager.dll
2019-06-13 23:44:07 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2019-06-13 23:44:06 ----A---- C:\Windows\SYSWOW64\webplatstorageserver.dll
2019-06-13 23:44:05 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-06-13 23:44:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-06-13 23:44:05 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-06-13 23:44:05 ----A---- C:\Windows\SYSWOW64\ieproxy.dll
2019-06-13 23:44:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-06-13 23:44:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-06-13 23:44:02 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-06-13 23:44:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-06-13 23:44:00 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-06-13 23:44:00 ----A---- C:\Windows\SYSWOW64\Chakra.dll
2019-06-13 23:43:59 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-06-13 23:43:59 ----A---- C:\Windows\SYSWOW64\esentutl.exe
2019-06-13 23:43:59 ----A---- C:\Windows\system32\wwansvc.dll
2019-06-13 23:43:58 ----A---- C:\Windows\system32\SIHClient.exe
2019-06-13 23:43:54 ----A---- C:\Windows\system32\msi.dll
2019-06-13 23:43:51 ----A---- C:\Windows\system32\mshtml.dll
2019-06-13 23:43:51 ----A---- C:\Windows\system32\ie4uinit.exe
2019-06-13 23:43:50 ----A---- C:\Windows\system32\jscript9.dll
2019-06-13 23:43:50 ----A---- C:\Windows\system32\iedkcs32.dll
2019-06-13 23:43:48 ----A---- C:\Windows\system32\ieframe.dll
2019-06-13 23:43:46 ----A---- C:\Windows\system32\msfeeds.dll
2019-06-13 23:43:46 ----A---- C:\Windows\system32\Chakradiag.dll
2019-06-13 23:43:46 ----A---- C:\Windows\system32\Chakra.dll
2019-06-13 23:43:46 ----A---- C:\Windows\system32\EdgeManager.dll
2019-06-13 23:43:43 ----A---- C:\Windows\system32\edgehtml.dll
2019-06-13 23:43:42 ----A---- C:\Windows\system32\webplatstorageserver.dll
2019-06-13 23:43:42 ----A---- C:\Windows\system32\StorSvc.dll
2019-06-13 23:43:42 ----A---- C:\Windows\system32\ieproxy.dll
2019-06-13 23:43:42 ----A---- C:\Windows\system32\esentutl.exe
2019-06-13 23:43:39 ----A---- C:\Windows\system32\spacebridge.dll
2019-06-13 23:43:38 ----A---- C:\Windows\system32\bcastdvruserservice.dll
2019-06-13 23:43:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-06-13 23:43:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-06-13 23:43:36 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-06-13 23:43:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-06-13 23:43:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-06-13 23:43:34 ----A---- C:\Windows\SYSWOW64\policymanager.dll
2019-06-13 23:43:34 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-06-13 23:43:34 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2019-06-13 23:43:33 ----A---- C:\Windows\SYSWOW64\usoapi.dll
2019-06-13 23:43:33 ----A---- C:\Windows\SYSWOW64\mdmregistration.dll
2019-06-13 23:43:33 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2019-06-13 23:43:33 ----A---- C:\Windows\SYSWOW64\credprovhost.dll
2019-06-13 23:43:33 ----A---- C:\Windows\SYSWOW64\AppResolver.dll
2019-06-13 23:43:31 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-13 23:43:31 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2019-06-13 23:43:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryPS.dll
2019-06-13 23:43:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryCore.dll
2019-06-13 23:43:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2019-06-13 23:43:29 ----RA---- C:\Windows\SYSWOW64\icuin.dll
2019-06-13 23:43:29 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-13 23:43:29 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryClient.dll
2019-06-13 23:43:29 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryBroker.dll
2019-06-13 23:43:29 ----A---- C:\Windows\SYSWOW64\StateRepository.Core.dll
2019-06-13 23:43:28 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2019-06-13 23:43:28 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2019-06-13 23:43:27 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2019-06-13 23:43:26 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2019-06-13 23:43:26 ----A---- C:\Windows\SYSWOW64\cdp.dll
2019-06-13 23:43:26 ----A---- C:\Windows\SYSWOW64\AssignedAccessRuntime.dll
2019-06-13 23:43:25 ----A---- C:\Windows\SYSWOW64\twinui.dll
2019-06-13 23:43:25 ----A---- C:\Windows\SYSWOW64\TokenBrokerUI.dll
2019-06-13 23:43:07 ----A---- C:\Windows\SYSWOW64\sppcext.dll
2019-06-13 23:43:07 ----A---- C:\Windows\SYSWOW64\slcext.dll
2019-06-13 23:43:06 ----A---- C:\Windows\SYSWOW64\Windows.Web.dll
2019-06-13 23:43:05 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2019-06-13 23:43:04 ----A---- C:\Windows\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-13 23:43:04 ----A---- C:\Windows\SYSWOW64\TokenBroker.dll
2019-06-13 23:43:03 ----A---- C:\Windows\SYSWOW64\CompPkgSup.dll
2019-06-13 23:43:03 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-06-13 23:43:03 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-06-13 23:43:03 ----A---- C:\Windows\system32\DeviceEnroller.exe
2019-06-13 23:43:02 ----A---- C:\Windows\system32\WebRuntimeManager.dll
2019-06-13 23:43:02 ----A---- C:\Windows\system32\policymanager.dll
2019-06-13 23:43:01 ----A---- C:\Windows\system32\GdiPlus.dll
2019-06-13 23:43:01 ----A---- C:\Windows\system32\gdi32full.dll
2019-06-13 23:43:00 ----A---- C:\Windows\system32\wininet.dll
2019-06-13 23:43:00 ----A---- C:\Windows\system32\iertutil.dll
2019-06-13 23:42:59 ----A---- C:\Windows\system32\urlmon.dll
2019-06-13 23:42:59 ----A---- C:\Windows\system32\mf3216.dll
2019-06-13 23:42:59 ----A---- C:\Windows\system32\credprovhost.dll
2019-06-13 23:42:58 ----A---- C:\Windows\system32\usermgr.dll
2019-06-13 23:42:58 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-06-13 23:42:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-06-13 23:42:57 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-06-13 23:42:57 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2019-06-13 23:42:57 ----A---- C:\Windows\system32\bcryptprimitives.dll
2019-06-13 23:42:56 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-06-13 23:42:56 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2019-06-13 23:42:54 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2019-06-13 23:42:54 ----A---- C:\Windows\system32\wdigest.dll
2019-06-13 23:42:53 ----A---- C:\Windows\system32\twinui.dll
2019-06-13 23:42:53 ----A---- C:\Windows\system32\TokenBrokerUI.dll
2019-06-13 23:42:53 ----A---- C:\Windows\system32\taskcomp.dll
2019-06-13 23:42:53 ----A---- C:\Windows\system32\schedsvc.dll
2019-06-13 23:42:53 ----A---- C:\Windows\system32\msctf.dll
2019-06-13 23:42:52 ----A---- C:\Windows\system32\winresume.exe
2019-06-13 23:42:51 ----A---- C:\Windows\system32\winload.exe
2019-06-13 23:42:49 ----A---- C:\Windows\system32\NotificationController.dll
2019-06-13 23:42:48 ----A---- C:\Windows\system32\NotificationControllerPS.dll
2019-06-13 23:42:47 ----A---- C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-13 23:42:47 ----A---- C:\Windows\system32\NetworkMobileSettings.dll
2019-06-13 23:42:47 ----A---- C:\Windows\system32\AppResolver.dll
2019-06-13 23:42:45 ----A---- C:\Windows\system32\shell32.dll
2019-06-13 23:42:44 ----A---- C:\Windows\system32\pku2u.dll
2019-06-13 23:42:43 ----A---- C:\Windows\system32\vbscript.dll
2019-06-13 23:42:43 ----A---- C:\Windows\system32\sppsvc.exe
2019-06-13 23:42:43 ----A---- C:\Windows\system32\sppcext.dll
2019-06-13 23:42:43 ----A---- C:\Windows\system32\slcext.dll
2019-06-13 23:42:40 ----A---- C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-13 23:42:40 ----A---- C:\Windows\system32\AxInstSv.dll
2019-06-13 23:42:39 ----A---- C:\Windows\system32\hal.dll
2019-06-13 23:42:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-06-13 23:42:38 ----A---- C:\Windows\system32\mdmregistration.dll
2019-06-13 23:42:37 ----A---- C:\Windows\system32\win32kfull.sys
2019-06-13 23:42:36 ----A---- C:\Windows\system32\win32k.sys
2019-06-13 23:42:36 ----A---- C:\Windows\system32\rdpcore.dll
2019-06-13 23:42:36 ----A---- C:\Windows\system32\PsmServiceExtHost.dll
2019-06-13 23:42:35 ----A---- C:\Windows\system32\wpnapps.dll
2019-06-13 23:42:34 ----A---- C:\Windows\system32\wpncore.dll
2019-06-13 23:42:34 ----A---- C:\Windows\system32\storewuauth.dll
2019-06-13 23:42:33 ----A---- C:\Windows\system32\EdgeContent.dll
2019-06-13 23:42:33 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2019-06-13 23:42:32 ----A---- C:\Windows\system32\win32kbase.sys
2019-06-13 23:42:32 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-06-13 23:42:31 ----A---- C:\Windows\system32\FntCache.dll
2019-06-13 23:42:31 ----A---- C:\Windows\system32\DWrite.dll
2019-06-13 23:42:30 ----A---- C:\Windows\system32\cdp.dll
2019-06-13 23:42:30 ----A---- C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-13 23:42:29 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-13 23:42:28 ----A---- C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-13 23:42:28 ----A---- C:\Windows\system32\TokenBroker.dll
2019-06-13 23:42:28 ----A---- C:\Windows\system32\smartscreen.exe
2019-06-13 23:42:28 ----A---- C:\Windows\system32\aadcloudap.dll
2019-06-13 23:42:25 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-13 23:42:25 ----A---- C:\Windows\system32\SecurityHealthAgent.dll
2019-06-13 23:42:25 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2019-06-13 23:42:24 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2019-06-13 23:42:24 ----A---- C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-13 23:42:24 ----A---- C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-13 23:42:21 ----A---- C:\Windows\system32\wmicmiplugin.dll
2019-06-13 23:42:21 ----A---- C:\Windows\system32\Windows.Web.dll
2019-06-13 23:42:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-13 23:42:04 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-13 23:42:03 ----A---- C:\Windows\system32\audiosrv.dll
2019-06-13 23:42:03 ----A---- C:\Windows\system32\AudioSes.dll
2019-06-13 23:42:03 ----A---- C:\Windows\system32\AudioEng.dll
2019-06-13 23:42:02 ----A---- C:\Windows\system32\CompPkgSup.dll
2019-06-13 23:42:02 ----A---- C:\Windows\system32\CompPkgSrv.exe
2019-06-13 23:42:02 ----A---- C:\Windows\system32\browserbroker.dll
2019-06-13 23:42:02 ----A---- C:\Windows\system32\audiodg.exe
2019-06-13 23:42:00 ----A---- C:\Windows\system32\WaaSMedicSvc.dll
2019-06-13 23:42:00 ----A---- C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-13 23:42:00 ----A---- C:\Windows\system32\WaaSMedicAgent.exe
2019-06-13 23:42:00 ----A---- C:\Windows\system32\AppReadiness.dll
2019-06-13 23:41:59 ----A---- C:\Windows\system32\usocore.dll
2019-06-13 23:41:59 ----A---- C:\Windows\system32\UsoClient.exe
2019-06-13 23:41:59 ----A---- C:\Windows\system32\usoapi.dll
2019-06-13 23:41:59 ----A---- C:\Windows\system32\updatehandlers.dll
2019-06-13 23:41:59 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2019-06-13 23:41:59 ----A---- C:\Windows\system32\MusNotifyIcon.exe
2019-06-13 23:41:58 ----A---- C:\Windows\system32\wuuhext.dll
2019-06-13 23:41:58 ----A---- C:\Windows\system32\wups2.dll
2019-06-13 23:41:58 ----A---- C:\Windows\system32\wups.dll
2019-06-13 23:41:58 ----A---- C:\Windows\system32\wuapi.dll
2019-06-13 23:41:57 ----A---- C:\Windows\system32\wuaueng.dll
2019-06-13 23:41:57 ----A---- C:\Windows\system32\mf.dll
2019-06-13 23:41:57 ----A---- C:\Windows\system32\drivers\clfs.sys
2019-06-13 23:41:56 ----A---- C:\Windows\system32\SDDS.dll
2019-06-13 23:41:56 ----A---- C:\Windows\system32\JpnServiceDS.dll
2019-06-13 23:41:56 ----A---- C:\Windows\system32\FilterDS.dll
2019-06-13 23:41:56 ----A---- C:\Windows\system32\DDDS.dll
2019-06-13 23:41:56 ----A---- C:\Windows\system32\BingFilterDS.dll
2019-06-13 23:41:56 ----A---- C:\Windows\system32\BingASDS.dll
2019-06-13 23:41:55 ----A---- C:\Windows\system32\tcblaunch.exe
2019-06-13 23:41:55 ----A---- C:\Windows\system32\lsasrv.dll
2019-06-13 23:41:55 ----A---- C:\Windows\system32\drivers\cng.sys
2019-06-13 23:41:54 ----A---- C:\Windows\system32\srvsvc.dll
2019-06-13 23:41:54 ----A---- C:\Windows\system32\securekernel.exe
2019-06-13 23:41:54 ----A---- C:\Windows\system32\kerberos.dll
2019-06-13 23:41:54 ----A---- C:\Windows\system32\esent.dll
2019-06-13 23:41:53 ----A---- C:\Windows\SYSWOW64\userenv.dll
2019-06-13 23:41:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-06-13 23:41:53 ----A---- C:\Windows\system32\tzres.dll
2019-06-13 23:41:53 ----A---- C:\Windows\system32\KerbClientShared.dll
2019-06-13 23:41:53 ----A---- C:\Windows\system32\drivers\storport.sys
2019-06-13 23:41:52 ----A---- C:\Windows\system32\userenv.dll
2019-06-13 23:41:52 ----A---- C:\Windows\system32\samsrv.dll
2019-06-13 23:41:52 ----A---- C:\Windows\system32\msv1_0.dll
2019-06-13 23:41:52 ----A---- C:\Windows\system32\ci.dll
2019-06-13 23:41:51 ----A---- C:\Windows\system32\schannel.dll
2019-06-13 23:41:50 ----RA---- C:\Windows\system32\icuin.dll
2019-06-13 23:41:48 ----A---- C:\Windows\system32\windows.storage.dll
2019-06-13 23:41:47 ----A---- C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-13 23:41:47 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2019-06-13 23:41:46 ----A---- C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-13 23:41:46 ----A---- C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-13 23:41:46 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-13 23:41:46 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-13 23:41:46 ----A---- C:\Windows\system32\StateRepository.Core.dll
2019-06-13 23:41:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-06-13 23:41:45 ----A---- C:\Windows\system32\drivers\winnat.sys
2019-06-13 23:41:43 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2019-06-13 23:41:40 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2019-06-13 23:41:40 ----A---- C:\Windows\SYSWOW64\spacebridge.dll
2019-06-13 23:41:40 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-06-13 23:41:39 ----A---- C:\Windows\SYSWOW64\wups.dll
2019-06-13 23:41:39 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-06-13 23:41:39 ----A---- C:\Windows\SYSWOW64\esent.dll
2019-06-13 23:41:38 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-06-13 23:41:38 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2019-06-13 23:41:36 ----A---- C:\Windows\system32\hvloader.dll
2019-06-13 23:41:36 ----A---- C:\Windows\system32\drivers\hvservice.sys
2019-06-13 23:41:35 ----A---- C:\Windows\system32\hvix64.exe
2019-06-13 23:41:35 ----A---- C:\Windows\system32\hvax64.exe
2019-06-13 23:41:34 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2019-06-13 23:41:34 ----A---- C:\Windows\system32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-13 23:41:34 ----A---- C:\Windows\system32\drivers\bthport.sys
2019-06-13 23:41:33 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2019-06-13 23:41:33 ----A---- C:\Windows\system32\drivers\spaceport.sys
2019-06-13 23:41:33 ----A---- C:\Windows\system32\drivers\spacedump.sys
2019-06-12 22:59:52 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-05-27 22:55:02 ----A---- C:\Windows\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2019-06-24 14:08:24 ----D---- C:\Windows\Temp
2019-06-24 14:08:17 ----RD---- C:\Program Files
2019-06-24 14:04:54 ----D---- C:\Windows
2019-06-24 14:02:26 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-06-24 14:01:41 ----D---- C:\Windows\system32\sru
2019-06-24 14:01:06 ----D---- C:\Windows\System32
2019-06-24 14:01:06 ----A---- C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-24 13:47:58 ----D---- C:\Windows\Prefetch
2019-06-24 13:47:38 ----D---- C:\Windows\Panther
2019-06-24 13:47:38 ----D---- C:\Windows\INF
2019-06-24 13:47:37 ----D---- C:\Windows\debug
2019-06-24 13:26:58 ----D---- C:\Windows\Logs
2019-06-24 13:26:16 ----D---- C:\Windows\system32\drivers
2019-06-24 13:25:20 ----D---- C:\Windows\system32\catroot2
2019-06-24 13:23:07 ----D---- C:\Windows\system32\Tasks
2019-06-24 13:20:11 ----D---- C:\Windows\system32\drivers\wd
2019-06-24 11:59:51 ----D---- C:\Users\Sněhurka\AppData\Roaming\uTorrent
2019-06-24 11:07:08 ----D---- C:\Windows\system32\SleepStudy
2019-06-23 13:51:23 ----RD---- C:\Windows\Microsoft.NET
2019-06-23 08:13:22 ----D---- C:\Users\Sněhurka\AppData\Roaming\vlc
2019-06-23 06:00:00 ----D---- C:\Windows\system32\LogFiles
2019-06-22 10:17:43 ----D---- C:\Windows\system32\config
2019-06-22 04:05:11 ----SHD---- C:\System Volume Information
2019-06-22 04:03:18 ----D---- C:\Windows\WinSxS
2019-06-21 11:39:49 ----HD---- C:\Program Files\WindowsApps
2019-06-21 11:39:36 ----D---- C:\ProgramData\Packages
2019-06-17 15:17:21 ----D---- C:\Windows\AppReadiness
2019-06-16 23:46:08 ----D---- C:\Windows\LiveKernelReports
2019-06-16 08:41:52 ----SHD---- C:\Windows\Installer
2019-06-16 08:41:19 ----D---- C:\Program Files\Common Files\microsoft shared
2019-06-16 08:38:36 ----D---- C:\Program Files\Microsoft Office
2019-06-15 22:58:39 ----D---- C:\Windows\SysWOW64
2019-06-15 00:12:03 ----D---- C:\Windows\system32\DAX2
2019-06-15 00:12:01 ----D---- C:\Windows\system32\DAX3
2019-06-15 00:11:28 ----D---- C:\Windows\SYSWOW64\RTCOM
2019-06-15 00:10:34 ----D---- C:\Windows\system32\DriverStore
2019-06-14 12:36:23 ----D---- C:\Windows\SYSWOW64\migration
2019-06-14 12:36:08 ----D---- C:\Windows\system32\wbem
2019-06-14 12:36:07 ----D---- C:\Windows\system32\migwiz
2019-06-14 12:36:07 ----D---- C:\Windows\system32\migration
2019-06-14 12:36:07 ----D---- C:\Windows\system32\cs-CZ
2019-06-14 12:36:06 ----D---- C:\Windows\system32\Boot
2019-06-14 12:35:47 ----D---- C:\Windows\bcastdvr
2019-06-14 12:35:47 ----D---- C:\Windows\apppatch
2019-06-14 12:35:46 ----RD---- C:\Program Files\Windows Defender
2019-06-14 12:35:46 ----D---- C:\Program Files (x86)\Internet Explorer
2019-06-14 12:35:45 ----D---- C:\Program Files\internet explorer
2019-06-13 23:50:29 ----D---- C:\Windows\CbsTemp
2019-06-12 23:02:00 ----D---- C:\Windows\system32\MRT
2019-06-12 23:01:43 ----AC---- C:\Windows\system32\MRT.exe
2019-05-31 20:03:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2019-05-27 22:55:02 ----HD---- C:\Windows\ELAMBKUP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2019-05-27 37104]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-05-27 205848]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-05-27 61472]
R0 aswElam;aswElam; C:\Windows\system32\drivers\aswElam.sys [2019-01-10 15488]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-05-27 87944]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-05-30 385880]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2018-12-17 55608]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2019-05-15 317240]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\Windows\system32\drivers\SgrmAgent.sys [2018-09-15 87552]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2018-09-15 40960]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-05-27 207448]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-05-27 262496]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-05-27 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-05-27 112312]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-05-27 1030784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-05-27 477584]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2018-09-15 63288]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2018-09-15 60416]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2018-09-15 8704]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-06-20 168104]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-06-17 225600]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2019-03-13 452096]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2018-12-17 51712]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw8x.sys [2018-09-15 4233728]
R3 BtFilter;BtFilter; C:\Windows\System32\drivers\btfilter.sys [2018-06-26 69440]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2018-12-17 111104]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-06-13 90624]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2018-09-15 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\drivers\BTHUSB.sys [2019-05-15 92672]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2018-09-15 63288]
R3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2018-09-15 36352]
R3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2018-09-15 91136]
R3 igfxLP;igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [2018-04-11 7408584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-05-02 6840400]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2018-09-15 202240]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\Windows\System32\drivers\rt640x64.sys [2018-09-15 605696]
R3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\Windows\system32\Drivers\RtsUer.sys [2018-11-23 451616]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2018-09-15 42504]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2018-09-15 319488]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2018-09-15 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2018-09-15 148480]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2018-09-15 124416]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2018-09-15 128512]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2018-09-15 75264]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2018-09-15 79872]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2018-09-15 58880]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2018-09-15 68608]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2018-09-15 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2018-09-15 135168]
S0 SmartSAMD;SmartSAMD; C:\Windows\System32\drivers\SmartSAMD.sys [2018-09-15 219960]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2018-09-15 19968]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2018-09-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2018-09-15 137016]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2019-03-13 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2018-09-15 153400]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2019-03-13 104248]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2018-09-15 34816]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\drivers\BTHport.sys [2019-06-13 1229824]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2018-09-15 40960]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2018-09-15 125952]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2018-09-15 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2018-09-15 51512]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2018-09-15 60928]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2019-06-13 80400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2018-09-15 27648]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2018-09-15 1866768]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-09-15 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-09-15 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2018-09-15 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2018-09-15 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-09-15 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-09-15 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2018-09-15 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2018-09-15 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2018-09-15 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2018-09-15 45568]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2018-09-15 42496]
S3 irda;IrDA; C:\Windows\system32\drivers\irda.sys [2018-09-15 124928]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2018-09-15 515384]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2018-09-15 58680]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2019-03-13 290816]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-09-15 53760]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2018-09-15 1150496]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2018-09-15 153616]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2018-09-15 184320]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2018-09-15 148480]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2018-09-15 85504]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2018-09-15 117248]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2018-09-15 17408]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2019-04-10 981816]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2018-09-15 108032]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2018-09-15 33080]
S3 smbdirect;smbdirect; C:\Windows\System32\DRIVERS\smbdirect.sys [2018-09-15 171520]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\Windows\System32\drivers\SpatialGraphFilter.sys [2018-09-15 73016]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2018-09-15 33280]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-12-16 83984]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2016-10-12 744640]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-05-04 3117648]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-05-04 2888272]
R2 AtherosSvc;AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [2018-06-26 416072]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-05-27 409224]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 CDPUserSvc_240ac;CDPUserSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2019-06-06 11146224]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2018-04-11 373704]
R2 OneSyncSvc_240ac;OneSyncSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\Windows\system32\SgrmBroker.exe [2019-04-10 255128]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-05-28 6844776]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 cbdhsvc_240ac;cbdhsvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\Windows\system32\SecurityHealthService.exe [2019-02-14 864056]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-11 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-05-27 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BcastDVRUserService_240ac;BcastDVRUserService_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 BluetoothUserService_240ac;BluetoothUserService_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 CaptureService_240ac;CaptureService_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ConsentUxUserSvc_240ac;ConsentUxUserSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2018-04-11 502728]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicePickerUserSvc_240ac;DevicePickerUserSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevicesFlowUserSvc_240ac;DevicesFlowUserSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-15 92672]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\elevation_service.exe [2019-06-18 1098224]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-11 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 MessagingService_240ac;MessagingService_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2019-06-06 266736]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2018-09-15 78848]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PimIndexMaintenanceSvc_240ac;PimIndexMaintenanceSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PrintWorkflowUserSvc_240ac;PrintWorkflowUserSvc_240ac; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2018-09-15 51696]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2019-04-10 5382448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2018-09-15 1269248]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2018-09-15 51696]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\Windows\system32\spectrum.exe [2018-09-15 982528]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2019-03-13 831288]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\Windows\System32\svchost.exe [2018-09-15 51696]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook - Windows reinstalled over Linux

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

Re: Slow notebook - Windows reinstalled over Linux

#3 Post by Sirius »

According to the log, completely clean.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-06-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-24-2019
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1249 octets] - [24/06/2019 16:41:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook - Windows reinstalled over Linux

#4 Post by Rudy »

Yep, this is OK. Now post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . I cannot delete from RSIT on Windows 10; there is a risk of damaging the system.

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

Re: Slow notebook - Windows reinstalled over Linux

#5 Post by Sirius »

I am attaching the logs.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2019
Ran by Sněhurka (administrator) on DESKTOP-HPHU0SM (Acer Extensa 2519) (24-06-2019 17:29:40)
Running from C:\Users\Sněhurka\Desktop
Loaded Profiles: Sněhurka (Available Profiles: Sněhurka)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19053.13.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\MountPoints2: {3d1df613-0202-11e9-855e-505bc2968422} - "G:\Lenovo_Suite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07845EF7-85CA-4AF6-95BF-652D8C619B9D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208896 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A6EFCE6-1DA3-4BF9-B0BC-F828856F875A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C150713-B81B-4F14-B9CC-452E372F6D46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15FE1203-CC29-4C56-BE1F-051F48721F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001Core => C:\Users\Sněhurka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {1F9554C8-062D-47BA-A1C5-A11AAE982135} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208896 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {20708E7B-B7B6-4AEE-B8DB-8BF58A66BF7B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364200 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {216F8048-986A-4DAE-8687-49FBB9008EEC} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-HPHU0SM-Sněhurka => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {304DA0DC-18EC-4DF6-8B73-EC3B26D98C0B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {48C7CF9E-757E-4537-BA1A-4C5C6B25709D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D0FC6E9-B359-4B2A-92F1-E1C27DC06074} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {5106142E-E18E-464C-A324-E84746DE961E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {52B53CC7-E46E-44E9-A3AB-0E1DF0EBC2E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {54DAC644-24F7-43B6-B2C9-185BA561F307} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {62CDF44F-F9E9-499F-8A00-E255C3F01836} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {640901EE-46F3-4DD2-B008-9A35FF268F90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76EC4B47-87D4-40A6-95DB-236F888B797F} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-HPHU0SM-Sněhurka => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7C8C365E-9905-458B-9353-39E3C26751D8} - System32\Tasks\HPCustParticipation HP LaserJet MFP M28-M31 => C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPCustPartic.exe [6662792 2018-07-04] (Hewlett Packard -> HP Inc.)
Task: {8D5F3D1E-60A6-40D3-9DD5-051BDF239111} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364200 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA6A9701-BDA8-4005-943E-CBAB2D23F097} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B776F1E8-9210-424F-B03F-F93F436DB233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {C5464DB9-4A50-49C4-8786-878D4A8CA118} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2019-05-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CC370053-BAD4-4447-B2DD-085EF8DE9274} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6DCF034-79A1-413C-A8E7-2C181CDBF2BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E619811F-E95C-4D65-8D17-2EDA9814461F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001UA => C:\Users\Sněhurka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {F034E758-3EC1-45DD-A05E-5BCCCF44F8B2} - System32\Tasks\OInstall => C:\Windows\OInstall.exe [11995824 2016-12-06] (WZTeam -> ) [File not signed]
Task: {FD550CC4-BF67-47EC-BF9A-57915C03C42E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{094cdff6-d6c2-44c9-9cca-c042fdf6238c}: [DhcpNameServer] 192.168.100.1 192.168.100.1
Tcpip\..\Interfaces\{f31a6e2a-65f6-4e9d-a504-5adde052f542}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-16] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default [2019-06-24]
CHR Extension: (Dokumenty) - C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Avast Online Security) - C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-11]
CHR Extension: (Chrome Media Router) - C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-20]
CHR Profile: C:\Users\Sněhurka\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Windows\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146224 2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373704 2018-04-11] (Intel(R) pGFX -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-24] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [15488 2019-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw8x.sys [4233728 2018-09-15] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [7408584 2018-04-11] (Intel(R) pGFX -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [451616 2018-11-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [66168 2015-10-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146200 2015-10-14] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [47496 2019-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [337632 2019-06-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-24 17:29 - 2019-06-24 17:32 - 000022545 _____ C:\Users\Sněhurka\Desktop\FRST.txt
2019-06-24 17:29 - 2019-06-24 17:29 - 000000000 ____D C:\FRST
2019-06-24 17:27 - 2019-06-24 17:27 - 002418688 _____ (Farbar) C:\Users\Sněhurka\Desktop\FRST64.exe
2019-06-24 16:39 - 2019-06-24 16:41 - 000000000 ____D C:\AdwCleaner
2019-06-24 16:39 - 2019-06-24 16:39 - 007025360 _____ (Malwarebytes) C:\Users\Sněhurka\Desktop\adwcleaner_7.3.exe
2019-06-24 16:37 - 2019-06-24 16:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2019-06-24 14:08 - 2019-06-24 14:08 - 000000000 ____D C:\rsit
2019-06-24 14:08 - 2019-06-24 14:08 - 000000000 ____D C:\Program Files\trend micro
2019-06-24 14:07 - 2019-06-24 14:07 - 001222144 _____ C:\Users\Sněhurka\Downloads\RSITx64.exe
2019-06-24 13:24 - 2019-06-24 13:24 - 000000000 ___HD C:\$AV_ASW
2019-06-24 13:23 - 2019-06-24 13:23 - 000003710 _____ C:\Windows\System32\Tasks\OInstall
2019-06-24 13:23 - 2016-12-06 10:36 - 011995824 _____ C:\Windows\OInstall.exe
2019-06-23 02:15 - 2019-06-23 02:45 - 733677568 _____ C:\Users\Sněhurka\Downloads\Adela jeste nevecerela (1977).avi
2019-06-19 20:18 - 2019-06-19 20:18 - 000000000 ____D C:\Program Files\UNP
2019-06-16 08:40 - 2019-06-16 08:40 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-06-16 08:40 - 2019-06-16 08:40 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-06-16 08:40 - 2019-06-16 08:40 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-06-16 08:40 - 2019-06-16 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-06-15 00:12 - 2019-06-15 00:12 - 000000000 _____ C:\Windows\system32\fpfftResultsFile.txt
2019-06-13 23:44 - 2019-06-13 23:44 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-13 23:44 - 2019-06-13 23:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 001260048 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-13 23:44 - 2019-06-13 23:44 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000927744 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000618496 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-06-13 23:44 - 2019-06-13 23:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 002777736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 002690048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 002276192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-13 23:43 - 2019-06-13 23:43 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001750016 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-13 23:43 - 2019-06-13 23:43 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-06-13 23:43 - 2019-06-13 23:43 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-13 23:43 - 2019-06-13 23:43 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-13 23:43 - 2019-06-13 23:43 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-13 23:43 - 2019-06-13 23:43 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-13 23:43 - 2019-06-13 23:43 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 006926336 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 005297152 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 002627600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001700312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-13 23:42 - 2019-06-13 23:42 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001471040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001342904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-13 23:42 - 2019-06-13 23:42 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 001180184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-13 23:42 - 2019-06-13 23:42 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-13 23:42 - 2019-06-13 23:42 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-13 23:42 - 2019-06-13 23:42 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-13 23:42 - 2019-06-13 23:42 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-13 23:41 - 2019-06-13 23:42 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000196920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-13 23:41 - 2019-06-13 23:41 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-13 23:41 - 2019-06-13 23:41 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-13 23:41 - 2019-06-13 23:41 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-06-12 22:59 - 2019-06-12 22:59 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-05-30 15:03 - 2019-05-30 15:03 - 003645109 _____ C:\Users\Sněhurka\Downloads\Nová trasa Labské stezky .pdf
2019-05-27 22:55 - 2019-05-27 22:53 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-24 17:27 - 2018-12-11 19:26 - 000004264 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-06-24 17:24 - 2018-12-07 21:16 - 000000000 __SHD C:\Users\Sněhurka\IntelGraphicsProfiles
2019-06-24 17:23 - 2018-12-07 21:16 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-24 16:45 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-24 16:43 - 2018-12-08 02:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-24 16:42 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-24 13:47 - 2018-12-16 21:58 - 000000000 ____D C:\Users\Sněhurka\AppData\Local\CrashDumps
2019-06-24 13:47 - 2018-12-08 02:31 - 000000000 ____D C:\Windows\Panther
2019-06-24 13:47 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-24 13:20 - 2018-12-08 02:38 - 000000000 ____D C:\Windows\system32\Drivers\wd
2019-06-24 11:59 - 2018-12-17 15:35 - 000000000 ____D C:\Users\Sněhurka\AppData\Roaming\uTorrent
2019-06-24 11:07 - 2018-12-08 02:37 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-23 08:13 - 2018-12-17 20:59 - 000000000 ____D C:\Users\Sněhurka\AppData\Roaming\vlc
2019-06-22 16:24 - 2019-04-21 08:07 - 000000000 ____D C:\Users\Sněhurka\Downloads\Přendat
2019-06-21 11:39 - 2018-12-07 20:18 - 000000000 ____D C:\ProgramData\Packages
2019-06-21 11:39 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-21 11:39 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-06-20 15:52 - 2018-12-11 19:26 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-20 01:22 - 2018-12-11 19:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-20 01:22 - 2018-12-11 19:11 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-17 14:56 - 2018-12-11 19:26 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-16 23:46 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-06-16 08:41 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-16 08:38 - 2018-12-11 18:48 - 000000000 ____D C:\Program Files\Microsoft Office
2019-06-15 22:58 - 2018-12-11 19:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-15 22:55 - 2018-12-07 20:03 - 000003384 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-937433848-1957336393-3034831750-1001
2019-06-15 22:55 - 2018-12-07 20:03 - 000000000 ___RD C:\Users\Sněhurka\OneDrive
2019-06-15 22:55 - 2018-12-07 19:59 - 000002370 _____ C:\Users\Sněhurka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-15 00:12 - 2018-12-11 18:09 - 000000000 ____D C:\Windows\system32\DAX3
2019-06-15 00:12 - 2018-12-11 18:09 - 000000000 ____D C:\Windows\system32\DAX2
2019-06-15 00:11 - 2018-12-11 18:08 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-06-14 19:50 - 2018-12-07 20:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-14 19:50 - 2018-12-07 20:00 - 000000000 ___RD C:\Users\Sněhurka\3D Objects
2019-06-14 19:48 - 2018-12-08 02:37 - 000295040 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-14 12:36 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-14 12:35 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-14 12:35 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-13 23:50 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-12 23:10 - 2018-12-16 19:32 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 23:01 - 2018-12-16 19:31 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-09 22:50 - 2019-02-07 11:10 - 000001379 _____ C:\Users\Public\Desktop\Skype.lnk
2019-06-09 22:50 - 2019-02-07 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-06-08 13:05 - 2019-01-07 02:10 - 000000000 ____D C:\Users\Sněhurka\Documents\Vlastní šablony Office
2019-05-31 20:03 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-30 10:56 - 2018-12-11 19:26 - 000385880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-28 14:42 - 2018-12-07 20:00 - 000000000 ____D C:\Users\Sněhurka\AppData\Local\Packages
2019-05-27 22:55 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-05-27 22:54 - 2018-12-11 19:26 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-27 22:54 - 2018-12-11 19:26 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-27 22:54 - 2018-12-11 19:26 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-27 22:54 - 2018-12-11 19:26 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-27 22:53 - 2019-01-14 17:34 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-27 22:53 - 2019-01-10 00:12 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-27 22:53 - 2019-01-10 00:12 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-27 22:53 - 2019-01-10 00:12 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-27 22:53 - 2018-12-11 19:26 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-27 22:53 - 2018-12-11 19:26 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys

==================== Files in the root of some directories ================

2018-12-11 18:40 - 2019-04-17 00:41 - 000000033 _____ () C:\Users\Sněhurka\AppData\Roaming\AdobeWLCMCache.dat

==================== FLock ================

2018-12-08 02:50 C:\Windows\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2019
Ran by Sněhurka (24-06-2019 17:34:50)
Running from C:\Users\Sněhurka\Desktop
Windows 10 Pro Version 1809 17763.557 (X64) (2018-12-08 00:49:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-937433848-1957336393-3034831750-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-937433848-1957336393-3034831750-503 - Limited - Disabled)
Guest (S-1-5-21-937433848-1957336393-3034831750-501 - Limited - Disabled)
Sněhurka (S-1-5-21-937433848-1957336393-3034831750-1001 - Administrator - Enabled) => C:\Users\Sněhurka
WDAGUtilityAccount (S-1-5-21-937433848-1957336393-3034831750-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Dropbox Plugin (HKLM-x32\...\{7B730D4C-A9F2-42BA-90E9-3B1B1FE22D41}) (Version: 36.0.191.0 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{1E00635B-B22C-4953-BBCC-61BAED7C2D85}) (Version: 43.0.191.0 - HP)
HP FTP Plugin (HKLM-x32\...\{68DC53C1-AEE9-460A-A142-C9E8151F489E}) (Version: 43.0.191.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{B67ABBB5-5C0D-4619-A6D6-BA5A5FA422CC}) (Version: 36.0.191.0 - HP)
HP LaserJet MFP M28-M31 Nápověda (HKLM-x32\...\{0DF6621D-67C2-4E12-A5CF-260E985B8743}) (Version: 0.00.0005 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1DE55A9E-B55D-4943-97B6-064B04A57AE2}) (Version: 36.0.191.0 - HP)
HP SFTP Plugin (HKLM-x32\...\{1F0191BF-E339-4192-85D9-C369CA3FE9F1}) (Version: 43.0.191.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{8775F78E-6414-48E3-98D2-76EBB1B8721F}) (Version: 43.0.191.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{39508F29-1E81-40FC-85DA-3182CB04614E}) (Version: 15.2.10.1114 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11629.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8694.1 - Realtek Semiconductor Corp.)
Skype verze 8.46 (HKLM-x32\...\Skype_is1) (Version: 8.46 - Skype Technologies S.A.)
Studie vylepšování produktu HP LaserJet MFP M28-M31 (HKLM\...\{A4E991A2-87C7-4E6C-B93D-9694B4192666}) (Version: 46.2.2636.18185 - HP Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Základní software zařízení HP LaserJet MFP M28-M31 (HKLM\...\{C9DEFBBD-AC31-4DF6-81C2-385FCAA3B28B}) (Version: 46.2.2636.18185 - HP Inc.)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-13] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-09] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-07] (Fitbit)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-03-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.375.0_x64__mcm4njqhnhss8 [2019-02-20] (Netflix, Inc.)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-937433848-1957336393-3034831750-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2019-01-04 10:38 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-937433848-1957336393-3034831750-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sněhurka\Pictures\S63071960.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A75EA1CB-50C7-4B2E-B888-659190110EC8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F55CCF78-D7B8-4B3C-9146-C9B577AC9789}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3953D706-E92B-4C61-B783-C3279704F4AC}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2019\Photoshop.exe No File
FirewallRules: [TCP Query User{94F5DB93-AD32-4628-A9CB-F4B7507B9086}C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{03B5114C-9983-47A5-9333-8A40F351F2AA}C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{182DEF09-60AE-4A6B-A4A3-7BBF3484069E}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{AB7EBDF4-98F2-4D47-A7E1-915B7F18978C}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{90D6EF2E-B066-4780-80DC-19F29C62F307}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{DA91E005-C1F8-41B4-861D-DE71A6ABD221}] => (Allow) LPort=5357
FirewallRules: [{DDBBB6A5-6A0B-4C11-A74F-45BF07D58FC8}] => (Allow) C:\Program Files\HP\HP LaserJet MFP M28-M31\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9C23C5CE-AE9F-4106-AA72-832E222C6154}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1242A34-84E6-4DC2-881B-9BE88845ED03}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A71BDCD3-606B-45D6-8FC5-61AD9F16F324}C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{6C251A24-2D21-42FB-92A7-35B8336472FA}C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\sněhurka\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{E96ED012-42BF-47BF-A3CE-2B34FBC16F33}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EA35319-F450-4D96-9A12-AEFB90B92145}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{799EABA7-DF92-4B0A-A6F3-E8926D4C0CDD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

20-06-2019 16:49:45 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2019 04:47:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WindowsInternal.ComposableShell.Experiences.TextInput.InputApp. verze 10.0.17763.292 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 16b4

Čas spuštění: 01d52a9b91642132

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe

ID hlášení: 2ccd5b2d-893d-4724-97f9-6a6947593a9c

Úplný název balíčku s chybou: InputApp_1000.17763.1.0_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (06/24/2019 05:26:07 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HPHU0SM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-HPHU0SM\Sněhurka (SID: S-1-5-21-937433848-1957336393-3034831750-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 05:24:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 05:24:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 04:48:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Hostitel synchronizace_44228 byla ukončena s následující chybou:
Přístup byl odepřen.

Error: (06/24/2019 04:48:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HPHU0SM)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/24/2019 04:48:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HPHU0SM)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/24/2019 04:48:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HPHU0SM)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/24/2019 04:48:03 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-HPHU0SM)
Description: Server {7966B4D8-4FDC-4126-A10B-39A3209AD251} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-06-13 23:08:52.926
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.366.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2019-06-13 23:08:52.909
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.366.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-12-11 17:29:33.154
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.363.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240438
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2018-12-11 17:18:59.190
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.363.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee2
Popis chyby :Operace nebyla v požadované době dokončena.

Date: 2018-12-11 17:18:59.189
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.363.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80072ee2
Popis chyby :Operace nebyla v požadované době dokončena.

CodeIntegrity:
===================================

Date: 2019-06-24 16:45:44.225
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 16:45:44.216
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 16:45:44.161
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 16:45:44.154
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 14:03:39.796
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 14:03:39.790
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 14:03:39.750
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 14:03:39.744
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.23 03/29/2017
Motherboard: Acer Extensa 2519
Processor: Intel(R) Pentium(R) CPU N3710 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 3930.02 MB
Available physical RAM: 1279.13 MB
Total Virtual: 5018.02 MB
Available Virtual: 2560.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:462.05 GB) (Free:59.78 GB) NTFS
Drive d: (WINDRIVER) (Fixed) (Total:2.74 GB) (Free:0.97 GB) NTFS

\\?\Volume{ca379e59-330e-4b51-b5e6-c33cdc289951}\ (ACER_LINUX) (Fixed) (Total:0.97 GB) (Free:0.3 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: A3AE3DF4)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Site Admin
Příspěvky: 118200
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pmalý notebook - Přeinstalovaý Windows přes Linux

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\MountPoints2: {3d1df613-0202-11e9-855e-505bc2968422} - "G:\Lenovo_Suite.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {15FE1203-CC29-4C56-BE1F-051F48721F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001Core => C:\Users\Sněhurka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4D0FC6E9-B359-4B2A-92F1-E1C27DC06074} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {B776F1E8-9210-424F-B03F-F93F436DB233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{3953D706-E92B-4C61-B783-C3279704F4AC}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2019\Photoshop.exe No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

Re: Slow notebook - Windows reinstalled over Linux

#7 Post by Sirius »

I'm attaching the log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-06-2019
Ran by Sněhurka (24-06-2019 18:16:54) Run:1
Running from C:\Users\Sněhurka\Desktop
Loaded Profiles: Sněhurka (Available Profiles: Sněhurka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\...\MountPoints2: {3d1df613-0202-11e9-855e-505bc2968422} - "G:\Lenovo_Suite.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {15FE1203-CC29-4C56-BE1F-051F48721F0C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001Core => C:\Users\Sn�hurka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {4D0FC6E9-B359-4B2A-92F1-E1C27DC06074} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
Task: {B776F1E8-9210-424F-B03F-F93F436DB233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-11] (Google Inc -> Google Inc.)
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{3953D706-E92B-4C61-B783-C3279704F4AC}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2019\Photoshop.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-937433848-1957336393-3034831750-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d1df613-0202-11e9-855e-505bc2968422} => removed successfully
HKLM\Software\Classes\CLSID\{3d1df613-0202-11e9-855e-505bc2968422} => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15FE1203-CC29-4C56-BE1F-051F48721F0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15FE1203-CC29-4C56-BE1F-051F48721F0C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-937433848-1957336393-3034831750-1001Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4D0FC6E9-B359-4B2A-92F1-E1C27DC06074}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D0FC6E9-B359-4B2A-92F1-E1C27DC06074}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B776F1E8-9210-424F-B03F-F93F436DB233}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B776F1E8-9210-424F-B03F-F93F436DB233}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3953D706-E92B-4C61-B783-C3279704F4AC}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 173879822 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6025977 B
Edge => 13824 B
Chrome => 19948964 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 152195586 B
NetworkService => 0 B
Sněhurka => 26607984 B

RecycleBin => 0 B
EmptyTemp: => 371.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:19:42 ====

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook - Windows reinstalled over Linux

#8 Post by Rudy »

OK. Has anything changed?

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

Re: Slow notebook - Windows reinstalled over Linux

#9 Post by Sirius »

So far it seems to start up and work somewhat faster. So it has evidently been cured of the worst.

However, I still have no idea why drive D is shown, which apparently should not exist. In the log I also noticed these lines:

Drive c: () (Fixed) (Total:462.05 GB) (Free:59.78 GB) NTFS
Drive d: (WINDRIVER) (Fixed) (Total:2.74 GB) (Free:0.97 GB) NTFS

\\?\Volume{ca379e59-330e-4b51-b5e6-c33cdc289951}\ (ACER_LINUX) (Fixed) (Total:0.97 GB) (Free:0.3 GB) FAT32

As if something were left over in the notebook from the Linux that was originally installed on it. Couldn't some error during the reinstallation also be causing the system to slow down?

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook - Windows reinstalled over Linux

#10 Post by Rudy »

This is not left over from Linux, because Linux has its own specific formatting. It cannot be on NTFS or FAT32; its native formatting is ext1, ext2. The name of drive D:\ is apparently related in some way to hardware drivers (they may be stored on it). The drive may therefore be hidden. The drive is small (2.74 GB, of which 0.97 GB is free). Right-click Computer > then left-click Manage > Disks and check whether it has a drive letter assigned. If not, right-click the disk again, choose change letter from the menu and then assign a letter. The disk should then appear. If, however, it is hidden, it has a letter and is not accessible to the user. In that case leave it as it is.
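The drive-letter question discussed in the posts above can also be answered from the FRST log itself. The following is an added example, not part of the original thread or of FRST: it parses the "Drives" lines quoted in this thread and reports which volumes have a drive letter. The function names and the 5 GB threshold are assumptions made for illustration.

```python
import re

# Lines copied from the "Drives" section of the FRST Addition.txt log in this thread.
DRIVES = r"""
Drive c: () (Fixed) (Total:462.05 GB) (Free:59.78 GB) NTFS
Drive d: (WINDRIVER) (Fixed) (Total:2.74 GB) (Free:0.97 GB) NTFS

\\?\Volume{ca379e59-330e-4b51-b5e6-c33cdc289951}\ (ACER_LINUX) (Fixed) (Total:0.97 GB) (Free:0.3 GB) FAT32
"""

# A volume is listed by drive letter or, when it has none, by its volume GUID path.
# Sizes are matched in GB only, as they appear in this log.
VOLUME = re.compile(
    r"^(?:Drive (?P<letter>[A-Za-z]):|(?P<guid>\\\\\?\\Volume\{[0-9A-Fa-f-]+\}\\))"
    r" \((?P<label>[^)]*)\) \((?P<kind>[^)]*)\)"
    r" \(Total:(?P<total>[\d.]+) GB\) \(Free:(?P<free>[\d.]+) GB\)"
    r"(?: (?P<fs>\S+))?\s*$"
)

def parse_drives(text):
    """Return one dict per volume line; lines that do not match are skipped."""
    volumes = []
    for line in text.splitlines():
        m = VOLUME.match(line.strip())
        if not m:
            continue
        letter = m.group("letter")
        volumes.append({
            "letter": letter.upper() if letter else None,
            "guid_path": m.group("guid"),
            "label": m.group("label"),
            "total_gb": float(m.group("total")),
            "free_gb": float(m.group("free")),
            "fs": m.group("fs"),
        })
    return volumes

def review(volumes, small_gb=5.0):
    """Labels of volumes without a letter, and small volumes that have one."""
    # small_gb is an assumed threshold (not an FRST rule) for pointing out small
    # lettered volumes, which is typical of vendor driver or recovery partitions.
    return {
        "no_letter": [v["label"] for v in volumes if not v["letter"]],
        "small_lettered": [f'{v["letter"]}: {v["label"]}' for v in volumes
                           if v["letter"] and v["total_gb"] < small_gb],
    }

if __name__ == "__main__":
    print(review(parse_drives(DRIVES)))
```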

Sirius
Visitor
Posts: 169
Registered: 18 Sep 2014 17:21

Re: Slow notebook - Windows reinstalled over Linux

#11 Post by Sirius »

Then everything is fine, and thank you very much for your time. Mum will be pleased :worship:

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow notebook - Windows reinstalled over Linux

#12 Post by Rudy »

You're welcome! :)

Locked