Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalený notebook

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zamčeno
Zpráva
Autor
morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Zpomalený notebook

#1 Příspěvek od morar »

Ahoj. Potřebuji pomoc. Noťas je zpomalený snad ve všem. Otevírání prohlížečů, průzkumník, programy i samotné spuštění PC.

Logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by aleto (administrator) on DESKTOP-FHD1H5J (ASUSTeK COMPUTER INC. E502NA) (22-12-2019 19:12:39)
Running from C:\Users\aleto\Desktop
Loaded Profiles: aleto (Available Profiles: aleto)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\aleto\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\IntelCpHeciSvc.exe
(Kingsoft Office Software Corporation Limited) C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.8342.0_x86__924xes6e8q1tw\11.2.0.8342\office6\wps.exe
(Kingsoft Office Software Corporation Limited) C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.8342.0_x86__924xes6e8q1tw\11.2.0.8342\office6\wps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Seznam.cz, a.s. -> ) C:\Users\aleto\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\aleto\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\aleto\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\aleto\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\aleto\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-08-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {039BFD2D-73BF-4470-9043-2B8098B1FEAC} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {03B3322C-00CF-4903-A3DB-311A90F811E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0732371D-1F9B-4707-A68D-4572252CF9D3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {2316B990-12E4-4E05-844A-71DCCFB9B350} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {27D786A4-4471-44E5-A8B2-8FC7A063294B} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {3E4EAE1F-25C7-4D5E-91BE-C5BFC71AC87C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [File not signed]
Task: {45B7C9B8-86A8-43BE-8DC6-E29643F2EC30} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {504D020E-EEBC-4E22-92FB-4B1BCBAA03F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {552BFDE2-8E0B-48C2-B520-FFF490F35183} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E144FE2-F6CF-4771-BB9C-2AC19523D505} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {682A4259-B7E1-4F2B-BF62-41D749113677} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69C60C29-8255-41C2-9E8F-56051D334CA4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B67B10E-885C-4843-A412-F5BCA9429D7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D62C059-C6B9-4ED2-8D3F-904DD425D26E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78DEBB08-3EA4-4C0D-9978-B5F672A29272} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BDD1119-ECB4-458E-983A-D4839995EDDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {85BE6011-5B5D-457E-BA3D-B51D74BDED49} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B0B360E-E757-487A-950E-FB0A349C1C9C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [855352 2016-05-23] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {A53A2204-9DC0-457A-8757-04BE1C6A6B3C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16696840 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C0461DC8-9F24-47D8-8B46-DBAB6E12AC94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF379FD3-6782-4568-B1AF-E48F2081C8D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {EC8CEE03-77C9-4497-991E-F3447A64E548} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EF7BA590-7B62-4BD7-A7D8-6D4DE5063775} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F1B86E91-79CC-4D7D-B32F-816BB64BADA8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2090312 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F41771E8-2323-4385-AD92-4DF59CE222B1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1579296 2016-11-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dc5d7edc-f7e3-4ccf-8811-e609d7d6805a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-22] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-22] (Google LLC -> Google LLC)

Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211CZ885G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default [2019-12-22]
CHR Extension: (Docs) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-21]
CHR Extension: (Google Drive) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-21]
CHR Extension: (Seznam doplněk - Email) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-10-29]
CHR Extension: (YouTube) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-21]
CHR Extension: (Google Docs Offline) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-11-15]
CHR Extension: (Gmail) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKU\S-1-5-21-567866537-3238156340-4204155586-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-567866537-3238156340-4204155586-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-08-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [974632 2016-05-23] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [176416 2016-11-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4591032 2016-11-01] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek Semiconductor Corp. -> Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 19:12 - 2019-12-22 19:14 - 000023946 _____ C:\Users\aleto\Desktop\FRST.txt
2019-12-22 19:12 - 2019-12-22 19:13 - 000000000 ____D C:\FRST
2019-12-22 19:10 - 2019-12-22 19:10 - 000000000 ___HD C:\Users\aleto\Documents\KingsoftData
2019-12-22 19:10 - 2019-12-22 19:10 - 000000000 ____D C:\Users\aleto\AppData\Local\kingsoft
2019-12-22 19:09 - 2019-12-22 19:09 - 002260480 _____ (Farbar) C:\Users\aleto\Desktop\FRST64.exe
2019-12-22 18:23 - 2019-12-22 18:23 - 000000000 _____ C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
2019-12-22 17:34 - 2019-12-22 17:34 - 000000000 ____D C:\Users\aleto\AppData\Local\CEF
2019-12-22 17:24 - 2019-12-22 17:24 - 000000753 _____ C:\Users\aleto\Desktop\Obrázky – zástupce.lnk
2019-12-22 17:24 - 2019-12-22 17:24 - 000000739 _____ C:\Users\aleto\Desktop\Videa – zástupce.lnk
2019-12-22 17:24 - 2019-12-22 17:24 - 000000736 _____ C:\Users\aleto\Desktop\Hudba – zástupce.lnk
2019-12-22 17:21 - 2019-12-22 17:21 - 000000162 ____H C:\Users\aleto\Desktop\~$pni smlouva.odt
2019-12-12 21:05 - 2019-12-12 21:05 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 21:05 - 2019-12-12 21:05 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 21:04 - 2019-12-12 21:05 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-12 21:03 - 2019-12-12 21:04 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 21:03 - 2019-12-12 21:03 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 21:03 - 2019-12-12 21:03 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 21:02 - 2019-12-12 21:03 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 21:02 - 2019-12-12 21:02 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 21:02 - 2019-12-12 21:02 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 21:02 - 2019-12-12 21:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 19:07 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 18:52 - 2018-06-02 10:53 - 000000000 ____D C:\Users\aleto\AppData\Roaming\Seznam.cz
2019-12-22 18:51 - 2018-04-21 14:40 - 000000182 _____ C:\Users\aleto\AppData\Roaming\sp_data.sys
2019-12-22 18:47 - 2018-04-21 14:35 - 000000000 __SHD C:\Users\aleto\IntelGraphicsProfiles
2019-12-22 18:46 - 2019-09-01 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-22 18:46 - 2017-08-12 00:43 - 000000000 ____D C:\Program Files\mcafee
2019-12-22 18:46 - 2017-08-12 00:42 - 000000000 ____D C:\ProgramData\McAfee
2019-12-22 18:45 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-22 18:40 - 2019-09-01 17:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-22 18:39 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-22 18:39 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-22 18:37 - 2019-09-01 16:57 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-22 18:37 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-22 18:37 - 2019-03-19 12:55 - 000150554 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-22 18:36 - 2018-04-21 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-12-22 18:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-22 17:54 - 2018-04-21 19:40 - 000000000 ___RD C:\Users\aleto\3D Objects
2019-12-22 17:54 - 2017-08-12 00:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-22 17:53 - 2019-09-01 16:36 - 000612672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-22 17:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-22 17:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-22 17:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-22 17:32 - 2019-09-01 17:11 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-22 17:32 - 2019-09-01 17:11 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-22 17:31 - 2018-04-21 16:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-22 17:13 - 2018-04-21 16:31 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-22 17:12 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-22 17:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-12 19:51 - 2018-04-21 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-12 19:51 - 2018-04-21 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-12 19:44 - 2017-08-12 00:55 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-11 21:13 - 2019-09-01 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-11 20:23 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-11 17:39 - 2018-06-10 21:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-06 18:16 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2018-04-21 14:40 - 2019-12-22 18:51 - 000000182 _____ () C:\Users\aleto\AppData\Roaming\sp_data.sys
2019-12-22 18:23 - 2019-12-22 18:23 - 000000000 _____ () C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by aleto (22-12-2019 19:16:34)
Running from C:\Users\aleto\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-09-01 16:12:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-567866537-3238156340-4204155586-500 - Administrator - Disabled)
aleto (S-1-5-21-567866537-3238156340-4204155586-1001 - Administrator - Enabled) => C:\Users\aleto
DefaultAccount (S-1-5-21-567866537-3238156340-4204155586-503 - Limited - Disabled)
Guest (S-1-5-21-567866537-3238156340-4204155586-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-567866537-3238156340-4204155586-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.13 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0049 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.16 - ICEpower a/s)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1631.3 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 3.0.12.1138 - Intel Corporation)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.27056 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (08/15/2016 11.0.0.13) (HKLM\...\A2DEE012DC7578575962E3ACBE995AE145C87914) (Version: 08/15/2016 11.0.0.13 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2018-10-28] (Microsoft Platform Extensions)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.9.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-27] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-30] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2019.210.3.0_x64__8kea50m9krsh2 [2019-04-21] (Code Spark)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-04-21] (Plex)
WPS Office for ASUS -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.8342.0_x86__924xes6e8q1tw [2019-11-17] (Kingsoft Office Software Corporation Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567866537-3238156340-4204155586-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\aleto\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-567866537-3238156340-4204155586-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\aleto\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxDTCM.dll [2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-07-03 10:51 - 2017-07-03 10:51 - 001937408 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000079360 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 002177536 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 003561984 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\node.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000125440 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000033280 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2019-10-05 22:49 - 2019-10-05 22:49 - 000154624 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220\DAXRPCClient.dll
2019-10-05 22:49 - 2019-10-05 22:49 - 036338176 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220\DolbyAccess.dll
2019-09-01 18:21 - 2019-09-01 18:21 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220\e_sqlite3.dll
2019-11-17 19:18 - 2019-11-17 19:20 - 000274432 _____ () [File not signed] C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.8342.0_x86__924xes6e8q1tw\11.2.0.8342\office6\uwpimp.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000165888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 073507840 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000124928 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\sharepoint.com -> hxxps://vutbr-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6A10A48A-83E5-4710-940C-C399EE433039}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B38E75C7-3755-4969-AD45-4339A55990CE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4243C132-DD05-4894-ADD4-F531416E1FA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00DC6864-F1F1-487F-86B4-B6E672B6BB66}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6792FDB4-8671-4477-A46A-95F8F87B2B55}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{182EED13-BE6D-4315-8CE8-B34D567F5C03}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{EBFCBEDA-DAF2-47B2-A7DB-9D623967C92B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D19F145B-96CB-4182-B341-B6F7C3635F42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-11-2019 20:07:05 Naplánovaný kontrolní bod
11-12-2019 21:11:58 Naplánovaný kontrolní bod
22-12-2019 17:07:27 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/22/2019 07:16:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9764,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 07:03:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5044,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 06:36:27 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (12/22/2019 06:34:42 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (12/22/2019 06:23:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gfxv4_0.exe, verze: 8.15.10.4550, časové razítko: 0x582613d2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.535, časové razítko: 0x50cc8d5a
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000003a839
ID chybujícího procesu: 0xc74
Čas spuštění chybující aplikace: 0x01d5b8ec7cd0c9f5
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\Gfxv4_0.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 955174aa-f5a1-4182-a664-333bca9a69b0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/22/2019 06:23:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Gfxv4_0.exe, verze: 8.15.10.4550, časové razítko: 0x582613d2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.535, časové razítko: 0x50cc8d5a
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a839
ID chybujícího procesu: 0xc74
Čas spuštění chybující aplikace: 0x01d5b8ec7cd0c9f5
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\Gfxv4_0.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1485f194-1398-4425-92af-ca049632d915
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/22/2019 06:23:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: Gfxv4_0.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.OutOfMemoryException
na System.Windows.Media.Composition.DUCE+Channel.SyncFlush()
na System.Windows.Media.MediaContext.CompleteRender()
na System.Windows.Interop.HwndTarget.OnResize()
na System.Windows.Interop.HwndTarget.HandleMessage(MS.Internal.Interop.WindowMessage, IntPtr, IntPtr)
na System.Windows.Interop.HwndSource.HwndTargetFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (12/22/2019 06:22:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AUDIODG.EXE, verze: 10.0.18362.449, časové razítko: 0xd42474b6
Název chybujícího modulu: RltkAPO64.dll, verze: 11.0.6000.529, časové razítko: 0x57d9322e
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000021c547
ID chybujícího procesu: 0x306c
Čas spuštění chybující aplikace: 0x01d5b8ec731fefe0
Cesta k chybující aplikaci: C:\WINDOWS\system32\AUDIODG.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\system32\RltkAPO64.dll
ID zprávy: 0fde881d-f945-4479-b253-53fad2d6e1af
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/22/2019 06:46:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/22/2019 06:32:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (12/22/2019 06:25:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ModuleCoreService bylo dosaženo časového limitu (30000 ms).

Error: (12/22/2019 06:25:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mfemms bylo dosaženo časového limitu (30000 ms).

Error: (12/22/2019 06:25:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby mccspsvc bylo dosaženo časového limitu (30000 ms).

Error: (12/22/2019 06:25:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby sppsvc bylo dosaženo časového limitu (30000 ms).

Error: (12/22/2019 06:24:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FHD1H5J)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 06:24:05 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-12-22 19:04:53.800
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {33BE5681-3AAC-4C23-9D31-F56D8A7417FD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-FHD1H5J\aleto

Date: 2019-12-22 17:41:06.257
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {08F2DCE0-67E9-4583-A4F0-1B33C3032C1E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-FHD1H5J\aleto

Date: 2019-12-06 20:30:45.895
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40E0A9A9-802B-4B65-BA55-06D89C117C43}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-06 18:24:26.863
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B20980C4-3367-4775-A06D-4B12914276D3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-03 19:26:37.058
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {45D9D1CB-577B-4DAD-AC32-2E15E33D8673}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-22 18:20:42.700
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2019-12-22 18:20:42.699
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2019-12-22 18:17:34.068
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

Date: 2019-12-22 18:17:34.067
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

Date: 2019-12-22 18:17:34.066
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

CodeIntegrity:
===================================

Date: 2019-12-22 18:34:46.223
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 18:34:46.162
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 18:34:41.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:30:06.872
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:30:06.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:21:27.041
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-22 18:21:26.743
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-22 18:21:22.482
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E502NA.301 02/24/2017
Motherboard: ASUSTeK COMPUTER INC. E502NA
Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 72%
Total physical RAM: 3959.74 MB
Available physical RAM: 1087.61 MB
Total Virtual: 16247.06 MB
Available Virtual: 12805.03 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.71 GB) (Free:395.01 GB) NTFS

\\?\Volume{31a33937-3f89-4019-92e1-860a9a073c90}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.36 GB) NTFS
\\?\Volume{aab51e58-a024-4b1d-b414-c6e583311bc0}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 371C92CE)

Partition: GPT.

==================== End of Addition.txt =======================
==================== End of FRST.txt ========================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#3 Příspěvek od morar »

Váš odkaz je na to jak vytvořit log z FRST, ale ty jsem již vložil. Nerozumím pokynu.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#4 Příspěvek od Rudy »

Promiňte, chybně jsem kopíroval.
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#5 Příspěvek od morar »

Log z ADW

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-22-2019
# Duration: 00:00:14
# OS: Windows 10 Home
# Cleaned: 11
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\aleto\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4159 octets] - [22/12/2019 21:15:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#6 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#7 Příspěvek od morar »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by aleto (administrator) on DESKTOP-FHD1H5J (ASUSTeK COMPUTER INC. E502NA) (22-12-2019 21:58:18)
Running from C:\Users\aleto\Desktop
Loaded Profiles: aleto (Available Profiles: aleto)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.307.955.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\aleto\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-08-19] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {039BFD2D-73BF-4470-9043-2B8098B1FEAC} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {03B3322C-00CF-4903-A3DB-311A90F811E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0732371D-1F9B-4707-A68D-4572252CF9D3} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {2316B990-12E4-4E05-844A-71DCCFB9B350} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {27D786A4-4471-44E5-A8B2-8FC7A063294B} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {3E4EAE1F-25C7-4D5E-91BE-C5BFC71AC87C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-12] (ASUS) [File not signed]
Task: {45B7C9B8-86A8-43BE-8DC6-E29643F2EC30} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {504D020E-EEBC-4E22-92FB-4B1BCBAA03F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {552BFDE2-8E0B-48C2-B520-FFF490F35183} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E144FE2-F6CF-4771-BB9C-2AC19523D505} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {682A4259-B7E1-4F2B-BF62-41D749113677} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {69C60C29-8255-41C2-9E8F-56051D334CA4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B67B10E-885C-4843-A412-F5BCA9429D7F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D62C059-C6B9-4ED2-8D3F-904DD425D26E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78DEBB08-3EA4-4C0D-9978-B5F672A29272} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BDD1119-ECB4-458E-983A-D4839995EDDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {85BE6011-5B5D-457E-BA3D-B51D74BDED49} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {9B0B360E-E757-487A-950E-FB0A349C1C9C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [855352 2016-05-23] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {A53A2204-9DC0-457A-8757-04BE1C6A6B3C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16696840 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C0461DC8-9F24-47D8-8B46-DBAB6E12AC94} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF379FD3-6782-4568-B1AF-E48F2081C8D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {EC8CEE03-77C9-4497-991E-F3447A64E548} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EF7BA590-7B62-4BD7-A7D8-6D4DE5063775} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F1B86E91-79CC-4D7D-B32F-816BB64BADA8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2090312 2019-12-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F41771E8-2323-4385-AD92-4DF59CE222B1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1579296 2016-11-09] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{dc5d7edc-f7e3-4ccf-8811-e609d7d6805a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File

Edge:
======
DownloadDir: C:\Users\aleto\Downloads

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-22] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-22] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211CZ885G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default [2019-12-22]
CHR Extension: (Docs) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-21]
CHR Extension: (Google Drive) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-21]
CHR Extension: (Seznam doplněk - Email) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-12-22]
CHR Extension: (YouTube) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-21]
CHR Extension: (Google Docs Offline) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\aleto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-22]
CHR HKU\S-1-5-21-567866537-3238156340-4204155586-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-567866537-3238156340-4204155586-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2016-08-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [974632 2016-05-23] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [176416 2016-11-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4591032 2016-11-01] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek Semiconductor Corp. -> Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 21:14 - 2019-12-22 21:17 - 000000000 ____D C:\AdwCleaner
2019-12-22 21:13 - 2019-12-22 21:13 - 008237744 _____ (Malwarebytes) C:\Users\aleto\Desktop\adwcleaner_8.0.1.exe
2019-12-22 19:16 - 2019-12-22 19:23 - 000031530 _____ C:\Users\aleto\Desktop\Addition.txt
2019-12-22 19:12 - 2019-12-22 22:07 - 000022265 _____ C:\Users\aleto\Desktop\FRST.txt
2019-12-22 19:12 - 2019-12-22 22:05 - 000000000 ____D C:\FRST
2019-12-22 19:10 - 2019-12-22 19:10 - 000000000 ___HD C:\Users\aleto\Documents\KingsoftData
2019-12-22 19:10 - 2019-12-22 19:10 - 000000000 ____D C:\Users\aleto\AppData\Local\kingsoft
2019-12-22 19:09 - 2019-12-22 19:09 - 002260480 _____ (Farbar) C:\Users\aleto\Desktop\FRST64.exe
2019-12-22 18:23 - 2019-12-22 18:23 - 000000000 _____ C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
2019-12-22 17:34 - 2019-12-22 17:34 - 000000000 ____D C:\Users\aleto\AppData\Local\CEF
2019-12-22 17:24 - 2019-12-22 17:24 - 000000753 _____ C:\Users\aleto\Desktop\Obrázky – zástupce.lnk
2019-12-22 17:24 - 2019-12-22 17:24 - 000000739 _____ C:\Users\aleto\Desktop\Videa – zástupce.lnk
2019-12-22 17:24 - 2019-12-22 17:24 - 000000736 _____ C:\Users\aleto\Desktop\Hudba – zástupce.lnk
2019-12-22 17:21 - 2019-12-22 17:21 - 000000162 ____H C:\Users\aleto\Desktop\~$pni smlouva.odt
2019-12-12 21:05 - 2019-12-12 21:05 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 21:05 - 2019-12-12 21:05 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 21:05 - 2019-12-12 21:05 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 21:04 - 2019-12-12 21:05 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 21:04 - 2019-12-12 21:04 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 21:04 - 2019-12-12 21:04 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 21:04 - 2019-12-12 21:04 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-12 21:03 - 2019-12-12 21:04 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 21:03 - 2019-12-12 21:03 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 21:03 - 2019-12-12 21:03 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 21:03 - 2019-12-12 21:03 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 21:03 - 2019-12-12 21:03 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 21:03 - 2019-12-12 21:03 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 21:02 - 2019-12-12 21:03 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 21:02 - 2019-12-12 21:02 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 21:02 - 2019-12-12 21:02 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 21:02 - 2019-12-12 21:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 21:02 - 2019-12-12 21:02 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-22 22:05 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 21:48 - 2018-04-21 14:40 - 000000182 _____ C:\Users\aleto\AppData\Roaming\sp_data.sys
2019-12-22 21:44 - 2019-09-01 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-22 21:44 - 2018-04-21 14:35 - 000000000 __SHD C:\Users\aleto\IntelGraphicsProfiles
2019-12-22 21:43 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-22 20:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-22 20:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-22 20:31 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-22 20:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-22 18:46 - 2017-08-12 00:43 - 000000000 ____D C:\Program Files\mcafee
2019-12-22 18:46 - 2017-08-12 00:42 - 000000000 ____D C:\ProgramData\McAfee
2019-12-22 18:40 - 2019-09-01 17:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-22 18:39 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-22 18:37 - 2019-09-01 16:57 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-22 18:37 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-22 18:37 - 2019-03-19 12:55 - 000150554 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-22 18:36 - 2018-04-21 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-12-22 17:54 - 2018-04-21 19:40 - 000000000 ___RD C:\Users\aleto\3D Objects
2019-12-22 17:54 - 2017-08-12 00:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-22 17:53 - 2019-09-01 16:36 - 000612672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-22 17:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-22 17:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-22 17:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-22 17:32 - 2019-09-01 17:11 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-22 17:32 - 2019-09-01 17:11 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-22 17:31 - 2018-04-21 16:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-22 17:13 - 2018-04-21 16:31 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-22 17:12 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 19:51 - 2018-04-21 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-12 19:51 - 2018-04-21 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-12 19:44 - 2017-08-12 00:55 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-11 21:13 - 2019-09-01 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-11 17:39 - 2018-06-10 21:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-06 18:16 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2018-04-21 14:40 - 2019-12-22 21:48 - 000000182 _____ () C:\Users\aleto\AppData\Roaming\sp_data.sys
2019-12-22 18:23 - 2019-12-22 18:23 - 000000000 _____ () C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by aleto (22-12-2019 22:10:26)
Running from C:\Users\aleto\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-09-01 16:12:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-567866537-3238156340-4204155586-500 - Administrator - Disabled)
aleto (S-1-5-21-567866537-3238156340-4204155586-1001 - Administrator - Enabled) => C:\Users\aleto
DefaultAccount (S-1-5-21-567866537-3238156340-4204155586-503 - Limited - Disabled)
Guest (S-1-5-21-567866537-3238156340-4204155586-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-567866537-3238156340-4204155586-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.13 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0049 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.16 - ICEpower a/s)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1631.3 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 3.0.12.1138 - Intel Corporation)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.27056 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.19260 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (08/15/2016 11.0.0.13) (HKLM\...\A2DEE012DC7578575962E3ACBE995AE145C87914) (Version: 08/15/2016 11.0.0.13 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.4.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-22] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Midi gm.dls -> C:\Program Files\WindowsApps\Microsoft.Midi.GmDls_1.0.1.0_neutral__8wekyb3d8bbwe [2018-10-28] (Microsoft Platform Extensions)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.9.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-22] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2018-04-27] (ASUSTeK COMPUTER INC.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-30] (Netflix, Inc.)
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2019.210.3.0_x64__8kea50m9krsh2 [2019-04-21] (Code Spark)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-04-21] (Plex)
WPS Office for ASUS -> C:\Program Files\WindowsApps\ZhuhaiKingsoftOfficeSoftw.WPSOffice_11.2.8342.0_x86__924xes6e8q1tw [2019-11-17] (Kingsoft Office Software Corporation Limited)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567866537-3238156340-4204155586-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\aleto\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-567866537-3238156340-4204155586-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\aleto\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_15a31af13552ac52\igfxDTCM.dll [2016-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\aleto\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2017-07-03 10:51 - 2017-07-03 10:51 - 001937408 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000079360 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 002177536 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 003561984 _____ () [File not signed] C:\Program Files (x86)\ASUS\Giftbox\node.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000125440 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000033280 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000029184 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2019-12-22 20:41 - 2019-12-22 20:42 - 037163008 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220\DolbyAccess.dll
2019-09-01 18:21 - 2019-09-01 18:21 - 000948736 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220\e_sqlite3.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 001676288 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000178176 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll
2016-10-12 22:17 - 2016-10-12 22:17 - 000165888 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll
2017-08-12 00:56 - 2017-08-12 00:56 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2017-08-12 00:56 - 2017-08-12 00:56 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 073507840 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000124928 _____ (The NWJS Community) [File not signed] C:\Program Files (x86)\ASUS\Giftbox\nw_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\sharepoint.com -> hxxps://vutbr-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-567866537-3238156340-4204155586-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6A10A48A-83E5-4710-940C-C399EE433039}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B38E75C7-3755-4969-AD45-4339A55990CE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4243C132-DD05-4894-ADD4-F531416E1FA6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{00DC6864-F1F1-487F-86B4-B6E672B6BB66}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6792FDB4-8671-4477-A46A-95F8F87B2B55}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{182EED13-BE6D-4315-8CE8-B34D567F5C03}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{EBFCBEDA-DAF2-47B2-A7DB-9D623967C92B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D19F145B-96CB-4182-B341-B6F7C3635F42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

23-11-2019 20:07:05 Naplánovaný kontrolní bod
11-12-2019 21:11:58 Naplánovaný kontrolní bod
22-12-2019 17:07:27 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/22/2019 10:01:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 09:55:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ShellExperienceHost.exe verze 10.0.18362.387 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 26ac

Čas spuštění: 01d5b90a015675c2

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

ID hlášení: a2d79fee-d5cd-47c1-abd9-f6a70d82cac9

Úplný název balíčku s chybou: Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (12/22/2019 09:48:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.18362.449, časové razítko: 0x066bf1a5
Název chybujícího modulu: msvcrt.dll, verze: 7.0.18362.1, časové razítko: 0xf5bdefd7
Kód výjimky: 0x40000015
Posun chyby: 0x000000000000ae72
ID chybujícího procesu: 0x910
Čas spuštění chybující aplikace: 0x01d5b909137c0f93
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msvcrt.dll
ID zprávy: c8d04ef5-ca20-40cf-9b6b-cc88f20fba34
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (12/22/2019 09:43:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (12/22/2019 09:43:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/22/2019 09:33:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.18362.387 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 16cc

Čas spuštění: 01d5b906e1c36dc4

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

ID hlášení: 76edb049-646d-4d09-8665-b5b27fa0b58e

Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.18362.449_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: SecHealthUI

Typ zablokování: Activation

Error: (12/22/2019 09:32:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4624,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/22/2019 09:27:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettingsBroker.exe, verze: 10.0.18362.1, časové razítko: 0x5fc608d5
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.18362.387, časové razítko: 0x4361b720
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006db8e
ID chybujícího procesu: 0x1528
Čas spuštění chybující aplikace: 0x01d5b90606326d40
Cesta k chybující aplikaci: C:\Windows\System32\SystemSettingsBroker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: a13b23c6-86e7-425d-aa50-d9eec940e366
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/22/2019 10:05:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Správce instalace zařízení neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/22/2019 10:05:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Správce instalace zařízení bylo dosaženo časového limitu (30000 ms).

Error: (12/22/2019 09:44:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/22/2019 09:43:32 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{8C9C0DB7-2CBA-40F1-AFE0-C55740DD91A0}

Error: (12/22/2019 09:43:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FHD1H5J)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 09:43:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-FHD1H5J)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 09:43:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 09:43:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {354FF91B-5E49-4BDC-A8E6-1CB6C6877182} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-12-22 19:04:53.800
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {33BE5681-3AAC-4C23-9D31-F56D8A7417FD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-FHD1H5J\aleto

Date: 2019-12-22 17:41:06.257
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {08F2DCE0-67E9-4583-A4F0-1B33C3032C1E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-FHD1H5J\aleto

Date: 2019-12-06 20:30:45.895
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {40E0A9A9-802B-4B65-BA55-06D89C117C43}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-06 18:24:26.863
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B20980C4-3367-4775-A06D-4B12914276D3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-03 19:26:37.058
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {45D9D1CB-577B-4DAD-AC32-2E15E33D8673}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-22 21:39:30.598
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.955.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-12-22 18:20:42.700
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2019-12-22 18:20:42.699
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2019-12-22 18:17:34.068
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

Date: 2019-12-22 18:17:34.067
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.338.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.

CodeIntegrity:
===================================

Date: 2019-12-22 18:34:46.223
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 18:34:46.162
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-22 18:34:41.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:30:06.872
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:30:06.827
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2019-12-22 18:21:27.041
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-22 18:21:26.743
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-12-22 18:21:22.482
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\mcafee.com\agent\mcupdate.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E502NA.301 02/24/2017
Motherboard: ASUSTeK COMPUTER INC. E502NA
Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 83%
Total physical RAM: 3959.74 MB
Available physical RAM: 671.51 MB
Total Virtual: 16034.13 MB
Available Virtual: 836.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.71 GB) (Free:393.58 GB) NTFS

\\?\Volume{31a33937-3f89-4019-92e1-860a9a073c90}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.36 GB) NTFS
\\?\Volume{aab51e58-a024-4b1d-b414-c6e583311bc0}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 371C92CE)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {7BDD1119-ECB4-458E-983A-D4839995EDDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {DF379FD3-6782-4568-B1AF-E48F2081C8D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{6792FDB4-8671-4477-A46A-95F8F87B2B55}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{182EED13-BE6D-4315-8CE8-B34D567F5C03}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#9 Příspěvek od morar »

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by aleto (23-12-2019 17:10:38) Run:1
Running from C:\Users\aleto\Desktop
Loaded Profiles: aleto (Available Profiles: aleto)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {7BDD1119-ECB4-458E-983A-D4839995EDDD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Task: {DF379FD3-6782-4568-B1AF-E48F2081C8D9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-04-21] (Google Inc -> Google Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{6792FDB4-8671-4477-A46A-95F8F87B2B55}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{182EED13-BE6D-4315-8CE8-B34D567F5C03}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BDD1119-ECB4-458E-983A-D4839995EDDD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BDD1119-ECB4-458E-983A-D4839995EDDD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF379FD3-6782-4568-B1AF-E48F2081C8D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF379FD3-6782-4568-B1AF-E48F2081C8D9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => removed successfully
C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9} => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Users\aleto\AppData\Local\{AABFB0F7-8D1F-4C6B-8644-0586F4F5B2F9}" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6792FDB4-8671-4477-A46A-95F8F87B2B55}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{182EED13-BE6D-4315-8CE8-B34D567F5C03}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24371028 B
Java, Flash, Steam htmlcache => 735 B
Windows/system/drivers => 11574378 B
Edge => 179399528 B
Chrome => 969715609 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 313806 B
systemprofile32 => 313806 B
LocalService => 389248 B
NetworkService => 50321414 B
aleto => 61153895 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:35:17 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#11 Příspěvek od morar »

Paráda je to podstatně rychlejší. Před tím i obyčejné otevření okna průzkumníka trvalo pár desítek vteřin. Nevím, jak to šlapalo, když to bylo nové, je to švagrovo PC, ale na tu hardwarovou konfiguraci, kterou to má se mi teď zdá, že je to fajn.

Měl bych ještě prosbu, jaký naistalovat free bezpečnostní software. Teď je v PC pouze zabezpečení Windows. Po koupení tam byla na rok předplacená verze McAfee, ale po vypršení předplatného to tam jen zavazelo.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#12 Příspěvek od Rudy »

Doporučuji AvastFree: https://www.avast.com/cs-cz/lp-ppc-hp-v ... lsrc=aw.ds . Na to, že je free, umí celkem dost věcí. Alternativou je Avira: https://www.avira.com/en/free-antivirus-windows . Není ale ve free verzi v češtině.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

morar
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 212
Registrován: 01 kvě 2007 16:35
Bydliště: Bzenec

Re: Zpomalený notebook

#13 Příspěvek od morar »

Avast mám na svém PC a spokojenost. Budu teď PC chvíli sledovat a uvidíme. Dík za pomoc. Poslal jsem drobný příspěvek na provoz.
Přeji krásné vánoce a mnoho zneškodněné havěti do příštího roku.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalený notebook

#14 Příspěvek od Rudy »

OK. Za příspěvek děkujeme a vy nemáte zač! Hezké svátky. :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno