nový notebook je pomalý

Zpráva

sarka124 · #1 Příspěvek od **sarka124** » 24 bře 2018 19:39

Ahoj, mohla bych poprosit o pomoc s notebookem? Můj táta si koupil nový notebook a je hrozně pomalý - dá se s tím něco udělat?
Předem děkuju za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by mirek at 2018-03-24 18:35:19
Microsoft Windows 10 Home
System drive C: has 417 GB (88%) free of 476 GB
Total RAM: 3960 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:54, on 24.03.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\mirek\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
C:\WINDOWS\SysWOW64\find.exe
C:\Program Files\trend micro\mirek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus17win10.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus17win10.msn.com/?pc=ASTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: McAfee WebAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\mirek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O23 - Service: McAfee Application Installer Cleanup (0143691521915884) (0143691521915884mcinstcleanup) - McAfee, Inc. - C:\WINDOWS\TEMP\014369~1.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ClientAnalyticsService - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem16.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee PEF Service (PEFService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem13.inf,%BtDevMan.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13154 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
"fontdrvhost.exe"
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e0a2cd87-573c-4d69-b5f5-a7c42a99ef7d -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0b732d0a-6bc1-40d6-82ab-d90e15bd567b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ea14e79b-a007-472b-be2c-f1d582bc2f85 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-07763b03-e225-445f-aa06-50f93c63fd93 -LifetimeId:1531339c-4fa7-48d6-b3aa-ddc179a7da8f -DeviceGroupId:
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -p -s DeviceInstall
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"c:\program files\avast software\avast\avastsvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\RtkBtManServ.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHDCPSvc.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHeciSvc.exe
C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe

"c:\program files\common files\mcafee\modulecore\modulecoreservice.exe"
"C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE" MMSCOM mcbootdelaystartsvc
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" -mms
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe"
"C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe"
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
C:\WINDOWS\System32\msdtc.exe
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{48DA6741-1BF0-4A44-8325-293086C79077}
C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\WLANExt.exe 1641841850304
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

C:\WINDOWS\system32\vssvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe" -userServiceMode
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe" /platui -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
sihost.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"

"ctfmon.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k AppReadiness -p -s AppReadiness
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /AECBYLISTENTOSTATUS
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BDESVC
"C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxEM.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\McAfee\platform\CommonBuild\McCBEntAndInstru.exe" /context=15
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\PROGRA~1\COMMON~1\McAfee\platform\MCSTAR~1.DLL /dummy /context=15 /affid=885-0 /culture=cs-CZ /wuiv=12.0 /lcid=1029
ModuleCoreService.exe /startUserModeHosting=1_TIME_TO_DIE
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
AvastUI.exe /nogui
"C:\Users\mirek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe" src:taskScheduler
taskhostw.exe USER
"C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe" --type=crashpad-handler --no-rate-limit --database=C:\Users\mirek\AppData\Local\Crashpad --annotation=channel= --annotation=plat=Win32 --annotation=prod= --annotation=ver=7.5.24.0-devel --handshake-handle=0x20c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /user
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.9029.2253\OfficeClickToRun.exe" /update
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.0.466409732\1919390972" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\mirek\AppData\LocalLow\Mozilla\Temp-{d61ee8e7-ee32-418e-82fc-39c84888359c}" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.3.370693948\1458904829" -childID 1 -isForBrowser -intPrefs 6:50|7:-1|34:1000|42:20|43:5|44:10|51:0|57:128|58:10000|63:0|65:400|66:1|67:0|68:0|69:100|74:0|75:120|76:120|159:2|160:1|164:60|165:30|166:512000|175:5000|177:6|191:8192|192:524288|193:5|206:10000|227:24|228:32768|230:0|231:0|240:5|244:1048576|246:100|247:5000|249:600|251:1|260:2000|277:4|281:0|290:60000|308:300|309:30| -boolPrefs 1:0|2:0|4:1|5:0|24:1|27:0|28:1|29:1|31:1|32:1|33:1|36:0|37:0|38:1|41:1|45:1|46:0|47:0|48:1|49:1|50:1|52:0|55:1|56:1|59:0|60:0|61:0|62:0|64:0|70:1|71:1|72:0|73:1|77:1|78:1|79:0|80:0|81:1|82:1|83:0|84:1|87:0|88:0|91:1|92:1|96:1|97:1|98:0|99:1|100:0|101:0|103:0|104:0|105:1|106:1|107:1|110:1|111:1|112:1|113:1|114:1|115:0|116:0|117:0|119:0|120:1|121:1|122:0|123:0|124:0|125:0|127:1|128:0|129:1|130:1|131:1|132:0|133:0|134:1|135:1|136:1|137:1|138:0|139:1|140:1|141:1|142:1|143:1|144:1|145:0|146:1|147:1|148:0|149:1|150:0|152:0|153:0|154:0|155:1|156:1|157:1|158:1|161:1|162:0|172:0|173:0|174:1|178:1|181:0|182:1|184:1|186:0|188:1|194:1|195:0|196:1|197:1|198:0|201:1|205:1|207:1|208:0|210:1|213:0|219:0|220:1|221:0|222:1|225:0|226:0|229:1|232:0|234:1|235:1|237:1|238:0|245:1|248:1|253:0|254:0|255:0|256:1|257:1|258:0|259:1|264:0|267:1|268:1|269:1|270:1|271:1|272:0|273:0|279:0|282:0|283:0|284:1|285:1|286:0|287:1|288:1|289:1|291:0|292:0|294:0|303:1|304:1|305:0|306:0|307:0| -stringPrefs "3:7;release|151:0;|212:3;1.0|223:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵ ‎‏‐’․‧  ‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ￹￺￻�|224:4;high|278:38;{d61ee8e7-ee32-418e-82fc-39c84888359c}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.20.1754430543\1383142426" -childID 3 -isForBrowser -intPrefs 6:50|7:-1|34:1000|42:20|43:5|44:10|51:0|57:128|58:10000|63:0|65:400|66:1|67:0|68:0|69:100|74:0|75:120|76:120|159:2|160:1|164:60|165:30|166:512000|175:5000|177:6|191:8192|192:524288|193:5|206:10000|227:24|228:32768|230:0|231:0|240:5|244:1048576|246:100|247:5000|249:600|251:1|260:2000|277:4|281:0|290:60000|308:300|309:30| -boolPrefs 1:0|2:0|4:1|5:0|24:1|27:0|28:1|29:1|31:1|32:1|33:1|36:0|37:0|38:1|41:1|45:1|46:0|47:0|48:1|49:1|50:1|52:0|55:1|56:1|59:0|60:0|61:0|62:0|64:0|70:1|71:1|72:0|73:1|77:1|78:1|79:0|80:0|81:1|82:1|83:0|84:1|87:0|88:0|91:1|92:1|96:1|97:1|98:0|99:1|100:0|101:0|103:0|104:0|105:1|106:1|107:1|110:1|111:1|112:1|113:1|114:1|115:0|116:0|117:0|119:0|120:1|121:1|122:0|123:0|124:0|125:0|127:1|128:0|129:1|130:1|131:1|132:0|133:0|134:1|135:1|136:1|137:1|138:0|139:1|140:1|141:1|142:1|143:1|144:1|145:0|146:1|147:1|148:0|149:1|150:0|152:0|153:0|154:0|155:1|156:1|157:1|158:1|161:1|162:0|172:0|173:0|174:1|178:1|181:0|182:1|184:1|186:0|188:1|194:1|195:0|196:1|197:1|198:0|201:1|205:1|207:1|208:0|210:1|213:0|219:0|220:1|221:0|222:1|225:0|226:0|229:1|232:0|234:1|235:1|237:1|238:0|245:1|248:1|253:0|254:0|255:0|256:1|257:1|258:0|259:1|264:0|267:1|268:1|269:1|270:1|271:1|272:0|273:0|279:0|282:0|283:0|284:1|285:1|286:0|287:1|288:1|289:1|291:0|292:0|294:0|303:1|304:1|305:0|306:0|307:0| -stringPrefs "3:7;release|151:0;|212:3;1.0|223:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵ ‎‏‐’․‧  ‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ￹￺￻�|224:4;high|278:38;{d61ee8e7-ee32-418e-82fc-39c84888359c}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.27.1094560190\1509631472" -childID 4 -isForBrowser -intPrefs 6:50|7:-1|34:1000|42:20|43:5|44:10|51:0|57:128|58:10000|63:0|65:400|66:1|67:0|68:0|69:100|74:0|75:120|76:120|159:2|160:1|164:60|165:30|166:512000|175:5000|177:6|191:8192|192:524288|193:5|206:10000|227:24|228:32768|230:0|231:0|240:5|244:1048576|246:100|247:5000|249:600|251:1|260:2000|277:4|281:0|290:60000|308:300|309:30| -boolPrefs 1:0|2:0|4:1|5:0|24:1|27:0|28:1|29:1|31:1|32:1|33:1|36:0|37:0|38:1|41:1|45:1|46:0|47:0|48:1|49:1|50:1|52:0|55:1|56:1|59:0|60:0|61:0|62:0|64:0|70:1|71:1|72:0|73:1|77:1|78:1|79:0|80:0|81:1|82:1|83:0|84:1|87:0|88:0|91:1|92:1|96:1|97:1|98:0|99:1|100:0|101:0|103:0|104:0|105:1|106:1|107:1|110:1|111:1|112:1|113:1|114:1|115:0|116:0|117:0|119:0|120:1|121:1|122:0|123:0|124:0|125:0|127:1|128:0|129:1|130:1|131:1|132:0|133:0|134:1|135:1|136:1|137:1|138:0|139:1|140:1|141:1|142:1|143:1|144:1|145:0|146:1|147:1|148:0|149:1|150:0|152:0|153:0|154:0|155:1|156:1|157:1|158:1|161:1|162:0|172:0|173:0|174:1|178:1|181:0|182:1|184:1|186:0|188:1|194:1|195:0|196:1|197:1|198:0|201:1|205:1|207:1|208:0|210:1|213:0|219:0|220:1|221:0|222:1|225:0|226:0|229:1|232:0|234:1|235:1|237:1|238:0|245:1|248:1|253:0|254:0|255:0|256:1|257:1|258:0|259:1|264:0|267:1|268:1|269:1|270:1|271:1|272:0|273:0|279:0|282:0|283:0|284:1|285:1|286:0|287:1|288:1|289:1|291:0|292:0|294:0|303:1|304:1|305:0|306:0|307:0| -stringPrefs "3:7;release|151:0;|212:3;1.0|223:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵ ‎‏‐’․‧  ‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ￹￺￻�|224:4;high|278:38;{d61ee8e7-ee32-418e-82fc-39c84888359c}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.34.107838508\684085568" -childID 5 -isForBrowser -intPrefs 6:50|7:-1|34:1000|42:20|43:5|44:10|51:0|57:128|58:10000|63:0|65:400|66:1|67:0|68:0|69:100|74:0|75:120|76:120|159:2|160:1|164:60|165:30|166:512000|175:5000|177:6|191:8192|192:524288|193:5|206:10000|227:24|228:32768|230:0|231:0|240:5|244:1048576|246:100|247:5000|249:600|251:1|260:2000|277:4|281:0|290:60000|308:300|309:30| -boolPrefs 1:0|2:0|4:1|5:0|24:1|27:0|28:1|29:1|31:1|32:1|33:1|36:0|37:0|38:1|41:1|45:1|46:0|47:0|48:1|49:1|50:1|52:0|55:1|56:1|59:0|60:0|61:0|62:0|64:0|70:1|71:1|72:0|73:1|77:1|78:1|79:0|80:0|81:1|82:1|83:0|84:1|87:0|88:0|91:1|92:1|96:1|97:1|98:0|99:1|100:0|101:0|103:0|104:0|105:1|106:1|107:1|110:1|111:1|112:1|113:1|114:1|115:0|116:0|117:0|119:0|120:1|121:1|122:0|123:0|124:0|125:0|127:1|128:0|129:1|130:1|131:1|132:0|133:0|134:1|135:1|136:1|137:1|138:0|139:1|140:1|141:1|142:1|143:1|144:1|145:0|146:1|147:1|148:0|149:1|150:0|152:0|153:0|154:0|155:1|156:1|157:1|158:1|161:1|162:0|172:0|173:0|174:1|178:1|181:0|182:1|184:1|186:0|188:1|194:1|195:0|196:1|197:1|198:0|201:1|205:1|207:1|208:0|210:1|213:0|219:0|220:1|221:0|222:1|225:0|226:0|229:1|232:0|234:1|235:1|237:1|238:0|245:1|248:1|253:0|254:0|255:0|256:1|257:1|258:0|259:1|264:0|267:1|268:1|269:1|270:1|271:1|272:0|273:0|279:0|282:0|283:0|284:1|285:1|286:0|287:1|288:1|289:1|291:0|292:0|294:0|303:1|304:1|305:0|306:0|307:0| -stringPrefs "3:7;release|151:0;|212:3;1.0|223:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵ ‎‏‐’․‧  ‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ￹￺￻�|224:4;high|278:38;{d61ee8e7-ee32-418e-82fc-39c84888359c}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" tab
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe" --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DocumentWriteEvaluator,RenderingPipelineThrottling<RenderingPipelineThrottling,V8_Serialize_Age_Code<V8SerializeOptions,V8_Serialize_Eager<V8SerializeOptions,WebRTC-H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --force-fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/AutomaticTabDiscarding/Enabled_Once_10-gen2/BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/DocumentWriteEvaluator/Enabled/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/ExtensionActionRedesign/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled/LocalNTPSuggestionsService/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/PageRevisitInstrumentation/Enabled/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/PreRead/NoPrefetchArgument/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/RenderingPipelineThrottling/Enabled/ReportCertificateErrors/ShowAndPossiblySend/ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/UpdateTime15m/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/TriggeredResetFieldTrial/On/V8SerializeOptions/SerializeEagerAndAgeCode/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --type=gpu-process --channel="1576.0.301737785\1798960473" --no-sandbox --user-data-dir="C:\Users\mirek\AppData\Local\ASUS GIFTBOX\User Data" --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x5a85 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=21.20.16.4627 --user-data-dir="C:\Users\mirek\AppData\Local\ASUS GIFTBOX\User Data" --mojo-platform-channel-handle=1264
"C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe" --type=renderer --disable-raf-throttling --no-sandbox --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,DocumentWriteEvaluator<DocumentWriteEvaluator,RenderingPipelineThrottling<RenderingPipelineThrottling,V8_Serialize_Age_Code<V8SerializeOptions,V8_Serialize_Eager<V8SerializeOptions,WebRTC-H264WithOpenH264FFmpeg<WebRTC-H264WithOpenH264FFmpeg,token-binding<TokenBinding,use-new-media-cache<use-new-media-cache --force-fieldtrials=AutofillClassifier/Enabled/AutofillFieldMetadata/Enabled/AutofillProfileOrderByFrecency/EnabledLimitTo3/*AutomaticTabDiscarding/Enabled_Once_10-gen2/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Enabled/ChromotingQUIC/Enabled/DefaultBrowserInfobar/SettingsText/DocumentWriteEvaluator/Enabled/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*ExtensionActionRedesign/Enabled/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled/*LocalNTPSuggestionsService/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/OfferUploadCreditCards/Enabled/*PageRevisitInstrumentation/Enabled/PasswordBranding/SmartLockBrandingSavePromptOnly/PasswordGeneration/Disabled/*PreRead/NoPrefetchArgument/*QUIC/Enabled/RefreshTokenDeviceId/Enabled/RenderingPipelineThrottling/Enabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/AllExceptAsyncScripts_11011_1_1_10/SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/UpdateTime15m/SchedulerExpensiveTaskBlocking/Enabled/SdchPersistence/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/StrictSecureCookies/Enabled/SyncHttpContentCompression/Enabled/TabSyncByRecency/Enabled/*TokenBinding/TokenBinding/*TriggeredResetFieldTrial/On/V8SerializeOptions/SerializeEagerAndAgeCode/VarationsServiceControl/Interval_30min/WebFontsIntervention/Enabled/WebRTC-H264WithOpenH264FFmpeg/Enabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/use-new-media-cache/Enabled/ --primordial-pipe-token=00AB44329777EC570C61C40D1A8511A3 --lang=cs --user-data-dir="C:\Users\mirek\AppData\Local\ASUS GIFTBOX\User Data" --nwjs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=fetchDeferLateScripts=true,fetchIncreaseFontPriority=true,fetchIncreasePriorities=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="1576.1.723064453\1088132774" --mojo-platform-channel-handle=2272
C:\WINDOWS\system32\wbem\wmiprvse.exe
dashost.exe {0e6b6462-7b22-4206-8fcb005b686baa98}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="8184.41.2060754255\152640431" -childID 6 -isForBrowser -intPrefs 6:50|7:-1|34:1000|42:20|43:5|44:10|51:0|57:128|58:10000|63:0|65:400|66:1|67:0|68:0|69:100|74:0|75:120|76:120|159:2|160:1|164:60|165:30|166:512000|175:5000|177:6|191:8192|192:524288|193:5|206:10000|227:24|228:32768|230:0|231:0|240:5|244:1048576|246:100|247:5000|249:600|251:1|260:2000|277:4|281:0|290:60000|308:300|309:30| -boolPrefs 1:0|2:0|4:1|5:0|24:1|27:0|28:1|29:1|31:1|32:1|33:1|36:0|37:0|38:1|41:1|45:1|46:0|47:0|48:1|49:1|50:1|52:0|55:1|56:1|59:0|60:0|61:0|62:0|64:0|70:1|71:1|72:0|73:1|77:1|78:1|79:0|80:0|81:1|82:1|83:0|84:1|87:0|88:0|91:1|92:1|96:1|97:1|98:0|99:1|100:0|101:0|103:0|104:0|105:1|106:1|107:1|110:1|111:1|112:1|113:1|114:1|115:0|116:0|117:0|119:0|120:1|121:1|122:0|123:0|124:0|125:0|127:1|128:0|129:1|130:1|131:1|132:0|133:0|134:1|135:1|136:1|137:1|138:0|139:1|140:1|141:1|142:1|143:1|144:1|145:0|146:1|147:1|148:0|149:1|150:0|152:0|153:0|154:0|155:1|156:1|157:1|158:1|161:1|162:0|172:0|173:0|174:1|178:1|181:0|182:1|184:1|186:0|188:1|194:1|195:0|196:1|197:1|198:0|201:1|205:1|207:1|208:0|210:1|213:0|219:0|220:1|221:0|222:1|225:0|226:0|229:1|232:0|234:1|235:1|237:1|238:0|245:1|248:1|253:0|254:0|255:0|256:1|257:1|258:0|259:1|264:0|267:1|268:1|269:1|270:1|271:1|272:0|273:0|279:0|282:0|283:0|284:1|285:1|286:0|287:1|288:1|289:1|291:0|292:0|294:0|303:1|304:1|305:0|306:0|307:0| -stringPrefs "3:7;release|151:0;|212:3;1.0|223:332; ¼½¾ǃː̷̸։֊׃״؉؊٪۔܁܂܃܄ᅟᅠ᜵ ‎‏‐’․‧  ‪‫‬‭‮ ‹›⁁⁄⁒ ⅓⅔⅕⅖⅗⅘⅙⅚⅛⅜⅝⅞⅟∕∶⎮╱⧶⧸⫻⫽⿰⿱⿲⿳⿴⿵⿶⿷⿸⿹⿺⿻　。〔〕〳゠ㅤ㈝㈞㎮㎯㏆㏟꞉︔︕︿﹝﹞．／｡ﾠ￹￺￻�|224:4;high|278:38;{d61ee8e7-ee32-418e-82fc-39c84888359c}|" -schedulerPrefs 0001,2 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 8184 "\\.\pipe\gecko-crash-server-pipe.8184" tab
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x484
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Users\mirek\Downloads\RSITx64.exe"
C:\WINDOWS\system32\cmd.exe /s /c "powershell systeminfo | find /i "Original""
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\cmd.exe /s /c "powershell $packages = Get-AppxPackage; $result = @(); foreach ($package in $packages) { try { $manifest = Get-AppxPackageManifest $package; $applications = @(); foreach ($app in $manifest.Package.Applications.childNodes) { if ($app.Id) { $applications += @{ Id=$app.Id; StartPage=$app.StartPage; DisplayName=$app.Properties.DisplayName; Description=$app.Properties.Description; PublisherDisplayName=$app.Properties.PublisherDisplayName; Logo=$app.Properties.Logo; OSMinVersion=$app.Prerequisites.OSMinVersion; OSMaxVersionTested=$app.Prerequisites.OSMaxVersionTested; }; }; }; Add-Member -InputObject $package -NotePropertyName "Applications" -NotePropertyValue $applications; $result += $package; } catch {}; }; ConvertTo-JSON $result -depth 10;"
\??\C:\WINDOWS\system32\conhost.exe 0x4
powershell $packages = Get-AppxPackage; $result = @(); foreach ($package in $packages) { try { $manifest = Get-AppxPackageManifest $package; $applications = @(); foreach ($app in $manifest.Package.Applications.childNodes) { if ($app.Id) { $applications += @{ Id=$app.Id; StartPage=$app.StartPage; DisplayName=$app.Properties.DisplayName; Description=$app.Properties.Description; PublisherDisplayName=$app.Properties.PublisherDisplayName; Logo=$app.Properties.Logo; OSMinVersion=$app.Prerequisites.OSMinVersion; OSMaxVersionTested=$app.Prerequisites.OSMaxVersionTested; }; }; }; Add-Member -InputObject $package -NotePropertyName "Applications" -NotePropertyValue $applications; $result += $package; } catch {}; }; ConvertTo-JSON $result -depth 10;
powershell systeminfo
find /i "Original"
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.245_none_16ec1d963212a637\TiWorker.exe -Embedding

"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
integrator.exe /I /Extension /Msi PackageGUID="9AC08E99-230B-47e8-9721-4577B7F124EA" PackageRoot="C:\Program Files\Microsoft Office\root"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s DsmSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 740 744 752 8192 748

=========Mozilla firefox=========

ProfilePath - C:\Users\mirek\AppData\Roaming\Mozilla\Firefox\Profiles\pexclm2t.default

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2018-01-19 199648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-03-15 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2018-01-19 167480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-17 245608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\mirek\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-15 1559200]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-24 18:35:23 ----D---- C:\Program Files\trend micro
2018-03-24 18:35:19 ----D---- C:\rsit
2018-03-24 18:22:56 ----HD---- C:\OneDriveTemp
2018-03-24 18:20:11 ----D---- C:\ProgramData\Microsoft OneDrive
2018-03-20 16:48:16 ----SHD---- C:\ProgramData\Šablony
2018-03-20 16:48:16 ----SHD---- C:\ProgramData\Plocha
2018-03-20 16:48:16 ----SHD---- C:\ProgramData\Nabídka Start
2018-03-20 16:48:16 ----SHD---- C:\ProgramData\Dokumenty
2018-03-20 16:48:16 ----SHD---- C:\ProgramData\Data aplikací
2018-03-20 16:48:16 ----SHD---- C:\Documents and Settings
2018-03-20 16:45:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-20 16:44:58 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2018-03-20 16:34:28 ----D---- C:\ProgramData\USOShared
2018-03-20 16:27:57 ----SD---- C:\Users\mirek\AppData\Roaming\Microsoft
2018-03-20 16:26:38 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2018-03-20 16:26:23 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2018-03-20 16:26:23 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2018-03-20 16:24:59 ----AS---- C:\WINDOWS\bootstat.dat
2018-03-20 16:24:12 ----D---- C:\WINDOWS\Prefetch
2018-03-20 16:23:12 ----D---- C:\WINDOWS\system32\SleepStudy
2018-03-20 16:23:07 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfewfpk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfeplk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfencrk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfencbdc.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfehidk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfefirek.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfeelamk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfeclnrk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfeavfk.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\mfeaack.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\cfwids.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2018-03-20 15:31:55 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2018-03-20 15:31:15 ----A---- C:\WINDOWS\system32\mfevtps.exe
2018-03-20 15:31:12 ----A---- C:\WINDOWS\system32\aswBoot.exe
2018-03-20 15:25:58 ----D---- C:\WINDOWS\system32\Microsoft
2018-03-20 15:25:58 ----D---- C:\WINDOWS\ServiceProfiles
2018-03-20 15:19:10 ----D---- C:\Windows.old
2018-03-20 15:14:35 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2018-03-20 15:14:26 ----D---- C:\Program Files (x86)\Reference Assemblies
2018-03-20 15:14:26 ----D---- C:\Program Files (x86)\MSBuild
2018-03-20 15:14:25 ----D---- C:\Program Files\Reference Assemblies
2018-03-20 15:14:25 ----D---- C:\Program Files\MSBuild
2018-03-20 15:11:08 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2018-03-20 15:11:08 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2018-03-20 15:11:08 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-03-20 15:10:56 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2018-03-20 15:10:56 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-03-20 15:10:55 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-03-20 14:11:45 ----DC---- C:\WINDOWS\Panther
2018-03-20 11:58:16 ----D---- C:\Users\mirek\AppData\Roaming\Mozilla
2018-03-20 11:58:05 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-20 11:57:53 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-03-16 12:48:33 ----A---- C:\WINDOWS\system32\osrss.dll
2018-03-15 10:13:46 ----A---- C:\WINDOWS\progress.ini
2018-03-15 09:18:36 ----AD---- C:\Program Files\Common Files\DESIGNER
2018-03-15 09:17:07 ----D---- C:\Windows10Upgrade
2018-03-15 09:07:50 ----D---- C:\WINDOWS\UpdateAssistant

======List of files/folders modified in the last 1 month======

2018-03-24 18:35:33 ----D---- C:\WINDOWS\AppReadiness
2018-03-24 18:35:23 ----RD---- C:\Program Files
2018-03-24 18:35:17 ----D---- C:\WINDOWS\Temp
2018-03-24 18:35:01 ----RD---- C:\WINDOWS\PrintDialog
2018-03-24 18:33:58 ----AD---- C:\Program Files\Microsoft Office
2018-03-24 18:33:00 ----SD---- C:\ProgramData\Microsoft
2018-03-24 18:31:16 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-24 18:30:31 ----D---- C:\WINDOWS\Logs
2018-03-24 18:24:01 ----D---- C:\WINDOWS\system32\sru
2018-03-24 18:23:26 ----D---- C:\Program Files (x86)\McAfee
2018-03-24 18:22:08 ----D---- C:\WINDOWS\INF
2018-03-24 18:20:11 ----HD---- C:\ProgramData
2018-03-24 18:19:17 ----D---- C:\WINDOWS\system32\Tasks
2018-03-24 18:18:45 ----D---- C:\WINDOWS\system32\WDI
2018-03-24 18:17:34 ----D---- C:\WINDOWS\Registration
2018-03-20 17:06:21 ----RD---- C:\WINDOWS\Microsoft.NET
2018-03-20 17:05:03 ----RD---- C:\WINDOWS\assembly
2018-03-20 16:48:16 ----D---- C:\Program Files\windows nt
2018-03-20 16:47:39 ----D---- C:\WINDOWS\system32\LogFiles
2018-03-20 16:47:23 ----D---- C:\WINDOWS\system32\config
2018-03-20 16:47:06 ----D---- C:\WINDOWS\SoftwareDistribution
2018-03-20 16:47:01 ----D---- C:\WINDOWS\Tasks
2018-03-20 16:46:00 ----D---- C:\Windows
2018-03-20 16:45:53 ----D---- C:\WINDOWS\System32
2018-03-20 16:44:30 ----D---- C:\WINDOWS\debug
2018-03-20 16:43:46 ----D---- C:\WINDOWS\system32\wbem
2018-03-20 16:41:49 ----D---- C:\WINDOWS\system32\DriverStore
2018-03-20 16:41:45 ----D---- C:\WINDOWS\system32\catroot2
2018-03-20 16:37:23 ----D---- C:\WINDOWS\WinSxS
2018-03-20 16:36:23 ----HD---- C:\Program Files\WindowsApps
2018-03-20 16:34:29 ----D---- C:\ProgramData\USOPrivate
2018-03-20 16:32:19 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-03-20 16:27:57 ----RD---- C:\Users
2018-03-20 16:27:05 ----HD---- C:\Recovery
2018-03-20 16:27:03 ----D---- C:\WINDOWS\system32\Sysprep
2018-03-20 16:26:59 ----D---- C:\WINDOWS\system32\drivers
2018-03-20 16:26:54 ----D---- C:\WINDOWS\SYSWOW64\sda
2018-03-20 16:26:54 ----D---- C:\WINDOWS\SysWOW64
2018-03-20 16:25:21 ----D---- C:\WINDOWS\system32\DAX2
2018-03-20 16:25:07 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2018-03-20 16:24:51 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-03-20 15:31:58 ----D---- C:\WINDOWS\system32\oobe
2018-03-20 15:31:57 ----D---- C:\WINDOWS\system32\Intel
2018-03-20 15:30:59 ----D---- C:\Program Files (x86)\Windows Mail
2018-03-20 15:30:57 ----D---- C:\Program Files\Windows Mail
2018-03-20 15:30:57 ----D---- C:\Program Files\Realtek
2018-03-20 15:30:55 ----D---- C:\WINDOWS\appcompat
2018-03-20 15:22:48 ----D---- C:\WINDOWS\CbsTemp
2018-03-20 15:21:42 ----D---- C:\WINDOWS\system32\Recovery
2018-03-20 15:19:22 ----D---- C:\WINDOWS\system32\WinBioDatabase
2018-03-20 15:19:21 ----RSD---- C:\WINDOWS\Fonts
2018-03-20 15:19:21 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2018-03-20 15:19:18 ----D---- C:\WINDOWS\system32\spool
2018-03-20 15:19:18 ----D---- C:\WINDOWS\system32\drivers\etc
2018-03-20 15:19:16 ----HD---- C:\WINDOWS\Installer
2018-03-20 15:19:16 ----D---- C:\WINDOWS\LiveKernelReports
2018-03-20 15:19:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-03-20 15:19:14 ----RD---- C:\Program Files (x86)
2018-03-20 15:19:14 ----D---- C:\Program Files\Intel
2018-03-20 15:19:14 ----D---- C:\Program Files\Common Files\microsoft shared
2018-03-20 15:19:14 ----D---- C:\Program Files (x86)\Microsoft.NET
2018-03-20 15:19:14 ----D---- C:\Program Files (x86)\Common Files
2018-03-20 15:19:13 ----D---- C:\Program Files\Common Files
2018-03-20 15:19:07 ----D---- C:\WINDOWS\Setup
2018-03-20 15:14:35 ----D---- C:\WINDOWS\SYSWOW64\MUI
2018-03-20 15:14:35 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-03-20 15:14:35 ----D---- C:\WINDOWS\system32\MUI
2018-03-20 15:14:35 ----D---- C:\WINDOWS\system32\cs-CZ
2018-03-20 13:54:53 ----HD---- C:\$GetCurrent
2018-03-20 12:55:14 ----SHD---- C:\System Volume Information
2018-03-17 15:15:08 ----AD---- C:\Program Files\mcafee
2018-03-17 15:14:09 ----SHD---- C:\Config.Msi
2018-03-16 12:52:26 ----AD---- C:\Program Files\rempl
2018-03-16 12:52:09 ----D---- C:\WINDOWS\system32\MRT
2018-03-16 12:49:06 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-16 12:48:58 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-03-15 09:14:22 ----D---- C:\Program Files\Common Files\mcafee
2018-03-15 09:08:11 ----D---- C:\ProgramData\McAfee

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-03-17 84368]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2018-01-31 948128]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2018-01-31 252832]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-03-17 215320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-03-17 460520]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2017-12-14 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-03-17 146656]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-09-29 384000]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2016-11-14 29312]
R3 AsusPTPDrv;@oem14.inf,%AsusPTP.SvcDesc%;ASUS Touch Service; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [2016-10-11 99320]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2016-11-01 71232]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-11-01 66616]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2016-11-01 350272]
R3 HIDSwitch;@oem5.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-08-19 27872]
R3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
R3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igdkmd64.sys [2017-04-04 11070448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-10-21 5371912]
R3 IntcDAud;@oem15.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-03-24 820752]
R3 MEIx64;@oem10.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-08-10 204912]
R3 mfeaack;McAfee Inc. mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [2018-01-31 496544]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2018-01-31 357792]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2018-01-31 528288]
R3 mfencbdc;McAfee LLC. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2017-11-21 521128]
R3 mfeplk;McAfee Inc. mfeplk; C:\WINDOWS\system32\drivers\mfeplk.sys [2018-01-31 115104]
R3 mfesapsn;McAfee Process Start Notification Service; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-02-14 111608]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 rt640x64;@oem23.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2016-08-01 943112]
R3 RtkBtFilter;@oem13.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2017-07-12 724448]
R3 RTSUER;@oem22.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-01-19 419296]
R3 RTWlanE;@oem19.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2017-07-14 6907240]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2018-01-31 83952]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-03-17 196648]
S3 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-03-17 227504]
S3 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-03-17 199440]
S3 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-03-17 343752]
S3 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-03-17 57680]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-03-17 46968]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-03-17 110328]
S3 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-03-17 1026696]
S3 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-03-17 205976]
S3 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-03-17 380528]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-12-14 1015296]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2018-01-31 77216]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfencrk;McAfee LLC. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2017-11-21 108464]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2016-07-28 130744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-17 303728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_2aefec;Uživatelská služba platformy připojených zařízení_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-03-12 7962288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHDCPSvc.exe [2017-04-04 480752]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 esifsvc;@oem16.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2016-11-01 2215168]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxCUIService.exe [2017-04-04 341488]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2016-11-16 176416]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2018-01-19 604312]
R2 McAPExe;McAfee AP Service; C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe [2018-01-31 728296]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2017-12-14 2140888]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2018-01-26 512976]
R2 ModuleCoreService;McAfee Module Core Service; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2017-12-19 1666224]
R2 OneSyncSvc_2aefec;Hostitel synchronizace_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 PEFService;McAfee PEF Service; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [2018-01-30 1045360]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkBtManServ;@oem13.inf,%BtDevMan.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2017-07-12 293344]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-12-14 519152]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHeciSvc.exe [2017-04-04 303088]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-09-28 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2018-01-26 475600]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_2aefec;Data kontaktů_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 0143691521915884mcinstcleanup;McAfee Application Installer Cleanup (0143691521915884); C:\WINDOWS\TEMP\014369~1.EXE [2018-03-24 1031928]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-03-17 7556704]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 ClientAnalyticsService;ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2017-09-21 1511728]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_2aefec;Tok zařízení_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [2016-05-23 974632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 McAWFwk;McAfee Activation Service; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [2016-11-15 454560]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_2aefec;Služba zasílání zpráv_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2018-01-26 359888]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-03-24 174544]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-02-22 262832]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_2aefec;PrintWorkflow_2aefec; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-12-14 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

Kód: Vybrat vše

#2 Příspěvek od **Conder** » 24 bře 2018 19:43

Ahoj

Odinstaluj vsetky McAfee programy, kedze tam uz mas Avast.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Scan (Skenovanie) a pockaj na dokoncenie
Klikni na Clean (Cistenie) a potvrd kliknutim na OK
AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

sarka124 · #3 Příspěvek od **sarka124** » 24 bře 2018 20:30

Děkuju. Programy odinstalovány, přikládám log.
Ten Avast je ok, nebo mám stáhnout něco jiného?

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 24 19:22:09 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [945 B] - [2018/3/24 19:20:42]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

#4 Příspěvek od **Conder** » 24 bře 2018 20:55

Ano, Avast je OK.

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

sarka124 · #5 Příspěvek od **sarka124** » 24 bře 2018 21:04

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by mirek (administrator) on DESKTOP-RFRTGRN (24-03-2018 19:59:47)
Running from C:\Users\mirek\OneDrive\Plocha
Loaded Profiles: mirek (Available Profiles: mirek)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-17] (AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1 192.168.2.1
Tcpip\..\Interfaces\{203109a1-911a-4891-aebe-becbceb66251}: [DhcpNameServer] 172.23.0.1 172.23.0.2
Tcpip\..\Interfaces\{7d01ff7f-22da-4ac6-b8a2-47d00e3337ef}: [DhcpNameServer] 192.168.3.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-03-15] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-03-15] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: pexclm2t.default
FF ProfilePath: C:\Users\mirek\AppData\Roaming\Mozilla\Firefox\Profiles\pexclm2t.default [2018-03-24]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\mirek\AppData\Roaming\Mozilla\Firefox\Profiles\pexclm2t.default\features\{a068cd5e-c9e8-4d9f-9fe7-dbd447956d91}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-24] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-15] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-17] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2215168 2016-11-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\iCLS\SocketHeciServer.exe [974632 2016-05-23] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [176416 2016-11-16] (Intel Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [293344 2017-07-12] (Realtek Semiconductor Corp.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [99320 2016-10-11] (ASUS Corporation)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-17] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-17] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-17] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-17] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-17] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-17] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-17] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-17] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-17] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-17] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-17] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-17] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-17] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-17] (AVAST Software)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [71232 2016-11-01] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [66616 2016-11-01] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [350272 2016-11-01] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-01] (Realtek )
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [724448 2017-07-12] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419296 2017-01-19] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6907240 2017-07-14] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 19:59 - 2018-03-24 19:59 - 000000000 ____D C:\FRST
2018-03-24 19:16 - 2018-03-24 19:22 - 000000000 ____D C:\AdwCleaner
2018-03-24 19:12 - 2018-03-24 19:12 - 000000000 ___HD C:\OneDriveTemp
2018-03-24 18:37 - 2018-03-24 18:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-24 18:35 - 2018-03-24 18:36 - 000000000 ____D C:\rsit
2018-03-24 18:35 - 2018-03-24 18:35 - 000000000 ____D C:\Program Files\trend micro
2018-03-24 18:33 - 2018-03-24 18:33 - 001222144 _____ C:\Users\mirek\Downloads\RSITx64.exe
2018-03-24 18:20 - 2018-03-24 18:20 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-03-24 18:17 - 2018-03-24 18:17 - 000000000 ___RD C:\Users\mirek\3D Objects
2018-03-24 18:16 - 2018-03-24 18:16 - 000000020 ___SH C:\Users\mirek\ntuser.ini
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Šablony
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Poslední
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Šablony
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Plocha
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-03-20 16:48 - 2018-03-20 16:48 - 000000000 _SHDL C:\Documents and Settings
2018-03-20 16:47 - 2018-03-24 19:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-20 16:47 - 2018-03-24 19:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-03-20 16:47 - 2018-03-24 18:19 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-03-20 16:47 - 2018-03-24 18:19 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-03-20 16:47 - 2018-03-24 18:18 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-20 16:47 - 2018-03-20 16:47 - 000003274 _____ C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1478508248-391976161-3340998328-1001
2018-03-20 16:47 - 2018-03-20 16:47 - 000003134 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2018-03-20 16:47 - 2018-03-20 16:47 - 000002968 _____ C:\WINDOWS\System32\Tasks\Update Checker
2018-03-20 16:47 - 2018-03-20 16:47 - 000002924 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2018-03-20 16:47 - 2018-03-20 16:47 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1478508248-391976161-3340998328-1001
2018-03-20 16:47 - 2018-03-20 16:47 - 000002768 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2018-03-20 16:47 - 2018-03-20 16:47 - 000002346 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_ListenToDevice
2018-03-20 16:47 - 2018-03-20 16:47 - 000002340 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2018-03-20 16:47 - 2018-03-20 16:47 - 000002280 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2018-03-20 16:47 - 2018-03-20 16:47 - 000002214 _____ C:\WINDOWS\System32\Tasks\ATK Package A22126881260
2018-03-20 16:47 - 2018-03-20 16:47 - 000001984 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2018-03-20 16:47 - 2018-03-20 16:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-03-20 16:47 - 2018-03-20 16:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUSTek Computer Inc
2018-03-20 16:47 - 2018-03-20 16:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2018-03-20 16:46 - 2018-03-20 16:46 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-03-20 16:46 - 2018-03-20 16:46 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-03-20 16:45 - 2018-03-24 19:31 - 001847810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-20 16:44 - 2018-03-20 16:44 - 000022924 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-03-20 16:34 - 2018-03-20 16:34 - 000000000 ____D C:\ProgramData\USOShared
2018-03-20 16:31 - 2018-03-20 16:31 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-03-20 16:28 - 2018-03-24 19:35 - 000000000 ____D C:\Users\mirek\AppData\Local\Packages
2018-03-20 16:27 - 2018-03-24 18:17 - 000000000 ____D C:\Users\mirek
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Šablony
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Soubory cookie
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Poslední
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Okolní tiskárny
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Okolní síť
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Nabídka Start
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Dokumenty
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\Data aplikací
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-03-20 16:27 - 2018-03-20 16:27 - 000000000 _SHDL C:\Users\mirek\AppData\Local\Data aplikací
2018-03-20 16:26 - 2017-09-29 13:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-03-20 16:26 - 2017-04-04 15:29 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-03-20 16:26 - 2017-04-04 15:29 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-03-20 16:23 - 2018-03-24 18:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-20 16:23 - 2018-03-20 16:38 - 000400512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-20 15:31 - 2018-03-17 09:19 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-20 15:31 - 2018-03-17 09:19 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-20 15:31 - 2018-03-17 09:19 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-20 15:31 - 2018-03-17 09:18 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-20 15:31 - 2018-03-17 09:18 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-20 15:31 - 2018-03-17 09:18 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-20 15:31 - 2018-03-17 09:18 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-20 15:31 - 2018-03-17 09:18 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-20 15:30 - 2018-03-20 15:19 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-03-20 15:25 - 2018-03-20 15:31 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-03-20 15:19 - 2018-03-20 16:49 - 000000000 ____D C:\Windows.old
2018-03-20 15:14 - 2018-03-20 15:14 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-03-20 15:14 - 2018-03-20 15:14 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-03-20 15:14 - 2018-03-20 15:14 - 000000000 ____D C:\Program Files\MSBuild
2018-03-20 15:14 - 2018-03-20 15:14 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-03-20 15:14 - 2018-03-20 15:14 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-03-20 15:11 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-03-20 15:11 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-03-20 15:11 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-03-20 15:10 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-03-20 15:10 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-03-20 15:10 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-03-20 14:54 - 2018-03-20 14:54 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-03-20 14:11 - 2018-03-24 18:16 - 000000000 ___DC C:\WINDOWS\Panther
2018-03-20 11:58 - 2018-03-24 19:58 - 000000000 ____D C:\Users\mirek\AppData\LocalLow\Mozilla
2018-03-20 11:58 - 2018-03-24 19:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-20 11:58 - 2018-03-24 18:22 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-20 11:58 - 2018-03-20 12:03 - 000000000 ____D C:\Users\mirek\AppData\Local\Mozilla
2018-03-20 11:58 - 2018-03-20 11:58 - 000000000 ____D C:\Users\mirek\AppData\Roaming\Mozilla
2018-03-20 11:57 - 2018-03-24 19:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-20 11:56 - 2018-03-20 11:57 - 036772720 _____ (Mozilla) C:\Users\mirek\Downloads\Firefox_Setup_58.0.1.exe
2018-03-17 09:04 - 2018-03-17 09:04 - 000000443 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2018-03-16 12:48 - 2018-01-18 01:05 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-03-15 11:00 - 2018-03-15 11:00 - 000000000 ____D C:\Users\mirek\AppData\Local\DBG
2018-03-15 10:39 - 2018-03-15 10:40 - 000127094 _____ C:\WINDOWS\mnd380C.diagerr.mdmp
2018-03-15 10:13 - 2018-03-20 14:11 - 000000036 _____ C:\WINDOWS\progress.ini
2018-03-15 09:17 - 2018-03-20 14:11 - 000000000 ____D C:\Windows10Upgrade
2018-03-15 09:17 - 2018-03-20 12:00 - 000000815 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2018-03-15 09:07 - 2018-03-15 09:07 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-03-01 15:50 - 2018-03-01 15:50 - 000641696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2018-03-01 15:50 - 2018-03-01 15:50 - 000087728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 19:44 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-24 19:40 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-24 19:38 - 2017-09-29 13:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-24 19:35 - 2017-09-29 13:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-24 19:31 - 2017-09-30 14:31 - 000789488 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-24 19:31 - 2017-09-30 14:31 - 000161884 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-24 19:31 - 2017-09-29 13:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-24 19:28 - 2018-01-28 19:08 - 000000182 _____ C:\Users\mirek\AppData\Roaming\sp_data.sys
2018-03-24 19:26 - 2018-01-28 19:13 - 000000000 ___RD C:\Users\mirek\OneDrive
2018-03-24 19:24 - 2018-01-28 19:05 - 000000000 __SHD C:\Users\mirek\IntelGraphicsProfiles
2018-03-24 19:23 - 2017-10-09 15:55 - 000000000 ____D C:\ProgramData\McAfee
2018-03-24 19:22 - 2017-09-29 08:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-24 19:09 - 2017-10-09 15:56 - 000000000 ____D C:\Program Files\mcafee
2018-03-24 19:01 - 2017-09-29 08:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-24 18:40 - 2017-09-29 13:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-24 18:37 - 2017-09-29 13:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-24 18:35 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-03-24 18:33 - 2017-10-09 16:21 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-24 18:18 - 2018-01-28 19:05 - 000000000 ____D C:\Users\mirek\AppData\Local\TileDataLayer
2018-03-24 18:17 - 2017-10-09 15:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-24 18:17 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\Registration
2018-03-20 16:48 - 2017-09-29 13:46 - 000000000 ____D C:\Program Files\windows nt
2018-03-20 16:45 - 2017-10-09 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2018-03-20 16:44 - 2017-09-29 13:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-03-20 16:34 - 2017-09-29 13:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-03-20 16:32 - 2017-09-29 13:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-03-20 16:27 - 2017-09-29 08:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-03-20 16:26 - 2017-10-09 15:44 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-03-20 16:25 - 2017-10-09 15:40 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-03-20 16:25 - 2017-10-09 15:40 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-03-20 15:31 - 2017-10-09 16:17 - 000000000 ____D C:\WINDOWS\system32\Intel
2018-03-20 15:31 - 2017-10-09 15:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2018-03-20 15:31 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-03-20 15:30 - 2017-10-09 15:40 - 000000000 ____D C:\Program Files\Realtek
2018-03-20 15:30 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-03-20 15:22 - 2017-09-29 13:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-03-20 15:19 - 2018-01-28 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-03-20 15:19 - 2017-10-09 16:16 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 12
2018-03-20 15:19 - 2017-10-09 16:12 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2018-03-20 15:19 - 2017-10-09 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-03-20 15:19 - 2017-10-09 15:29 - 000000000 ____D C:\Program Files\Intel
2018-03-20 15:19 - 2017-09-29 13:49 - 000000000 ____D C:\WINDOWS\Setup
2018-03-20 15:19 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-03-20 15:19 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-03-20 15:19 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-20 15:19 - 2017-03-18 21:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-03-20 15:14 - 2017-12-14 01:34 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-03-20 15:14 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-03-20 15:14 - 2017-09-29 13:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-03-20 13:54 - 2018-01-28 19:10 - 000000000 ___HD C:\$GetCurrent
2018-03-17 09:20 - 2018-01-28 19:54 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-17 09:18 - 2018-01-28 19:53 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-16 12:52 - 2018-01-31 19:54 - 000000000 ____D C:\Program Files\rempl
2018-03-16 12:52 - 2018-01-31 19:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-16 12:49 - 2018-01-31 19:34 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-16 12:48 - 2018-01-31 19:33 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-15 09:05 - 2018-01-28 19:13 - 000002389 _____ C:\Users\mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-02 21:09 - 2017-09-29 13:49 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 21:09 - 2017-09-29 13:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2018-01-28 19:08 - 2018-03-24 19:28 - 000000182 _____ () C:\Users\mirek\AppData\Roaming\sp_data.sys

Some files in TEMP:
====================
2018-03-24 19:14 - 2018-01-24 14:48 - 001011152 _____ (McAfee, Inc.) C:\Users\mirek\AppData\Local\Temp\0240971521918863mcinst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-20 16:23

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by mirek (24-03-2018 20:01:41)
Running from C:\Users\mirek\OneDrive\Plocha
Windows 10 Home Version 1709 16299.125 (X64) (2018-03-20 16:49:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1478508248-391976161-3340998328-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1478508248-391976161-3340998328-503 - Limited - Disabled)
Guest (S-1-5-21-1478508248-391976161-3340998328-501 - Limited - Disabled)
mirek (S-1-5-21-1478508248-391976161-3340998328-1001 - Administrator - Enabled) => C:\Users\mirek
WDAGUtilityAccount (S-1-5-21-1478508248-391976161-3340998328-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.19.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.2.0 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0050 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.16 - ICEpower a/s)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1631.3 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 3.0.12.1138 - Intel Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1478508248-391976161-3340998328-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 59.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 59.0.1 (x86 en-US)) (Version: 59.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.4.887.170518 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7960 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0015 - REALTEK Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{5419625B-B332-4EEC-910D-C0C2953DB084}) (Version: 2.13.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{B8B01E04-5393-4902-98E6-0E2787F03C80}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (09/23/2016 11.0.0.14) (HKLM\...\F95583A62AB902A3FC263F668380483F9E0113CD) (Version: 09/23/2016 11.0.0.14 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-17] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-17] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-17] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e86b99588b4280e4\igfxDTCM.dll [2017-04-04] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-17] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08534619-C7A9-4313-A30C-4F088566BFB5} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {0899FE00-9FC5-412D-BD4C-3503CF4A8BD3} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {09571488-2007-4DA4-BD84-324C1552C48C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-24] (Microsoft Corporation)
Task: {1CF05FE4-F83F-4E7A-8172-93E7B062EC05} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {24A9416F-2C32-465F-8F0B-DC867A5077C9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {24CECA92-457A-4A5D-A840-6DC13F029470} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {27D786A4-4471-44E5-A8B2-8FC7A063294B} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc)
Task: {2BEF32B0-0590-413D-96A9-0508BE920B6D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [2016-05-23] (Intel(R) Corporation)
Task: {35FAE5CA-50E5-41CD-8D89-3A4423C1906E} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-1478508248-391976161-3340998328-1001
Task: {54CBFE47-0D48-481D-9213-0040C1388AEA} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-10-21] (Realtek Semiconductor)
Task: {5732346A-B734-4362-B350-01FF2A0F0292} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8AF7E1D5-D1D3-42B1-B9A4-1529B34E6AA2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-10-21] (Realtek Semiconductor)
Task: {96FAA714-6239-496C-AE67-828604DA9A77} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-28] (AVAST Software)
Task: {98212C60-4304-4236-983D-44560A2C0B33} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-11-14] (ASUSTek Computer Inc.)
Task: {A11952F8-3E8C-4700-804F-32C011D6D4F5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {B1744136-D3FC-44D1-BB15-326E42C89009} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-24] (Microsoft Corporation)
Task: {B8C100CB-4B01-4707-97EC-F0E89B1BF0A1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-17] (AVAST Software)
Task: {CC57BB0C-89EE-453F-9D39-3B52DFF97A5B} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2016-10-12] (ASUS)
Task: {F41771E8-2323-4385-AD92-4DF59CE222B1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-11-09] (ASUSTek COMPUTER INC.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 13:41 - 2017-09-29 13:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-09 16:16 - 2014-04-14 17:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-12-14 01:34 - 2017-12-14 01:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 01:34 - 2017-12-14 01:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-17 14:24 - 2018-03-17 14:24 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-17 14:24 - 2018-03-17 14:24 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-17 14:24 - 2018-03-17 14:24 - 022044160 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-17 14:24 - 2018-03-17 14:24 - 002559488 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-17 14:24 - 2018-03-17 14:24 - 000657408 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-29 13:41 - 2017-09-29 13:41 - 001909248 _____ () C:\Windows\ShellExperiences\PeopleCommonControls.dll
2017-09-29 13:41 - 2017-09-29 13:41 - 001266176 _____ () C:\Windows\ShellExperiences\PeopleBarFlyout.dll
2017-12-14 01:34 - 2017-12-14 01:34 - 002988032 _____ () C:\Windows\ShellExperiences\WindowsInternal.People.PeoplePicker.dll
2017-07-03 09:51 - 2017-07-03 09:51 - 001937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2018-03-17 09:19 - 2018-03-17 09:19 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-17 09:19 - 2018-03-17 09:19 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-17 09:19 - 2018-03-17 09:19 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-17 09:18 - 2018-03-17 09:18 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-10-12 21:17 - 2016-10-12 21:17 - 000033280 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2016-10-12 21:17 - 2016-10-12 21:17 - 000125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2016-10-12 21:17 - 2016-10-12 21:17 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2017-07-03 09:51 - 2017-07-03 09:51 - 002177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-07-03 09:51 - 2017-07-03 09:51 - 000079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-07-03 09:51 - 2017-07-03 09:51 - 003561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll
2017-07-03 09:51 - 2017-07-03 09:51 - 000292352 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-native-utils\anu.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 21:03 - 2017-03-18 21:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 192.168.3.1 - 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC50A540-DCBC-45AC-8610-30D658225AC2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{93C2822B-A8D0-4C7E-8071-ECB99BE6CA31}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B180FFD6-1FC5-487C-94C6-22317084ECF3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7FAC4836-FE79-4A3A-BEC9-18EF0096FC7B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2E2AB319-DA95-41E8-A32D-B4D7C9398246}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{879B0033-4BF4-4496-9640-67368183BD7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{C3C207E8-0800-4896-ACE8-9A8739A35ADA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{14B3434C-CF67-417F-8A52-B770E983421C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F7757C91-36D5-4CCD-AF97-A861A22F12D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0B84D269-9CD6-461C-8A7C-A3DBC0FAF57E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{4E3F6BE4-9001-40D6-AA9A-51A4455205ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{908B8D81-5599-40B7-BA99-BD02E173DF0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A933DEB7-7E1E-4A19-87DD-228C72C2EAAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{71550B22-F2FD-412D-875F-8E38D9EA777B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.75.483.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{592D24B1-A891-43CC-9527-DACF1E9F4717}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A6AF2A12-476F-41F7-B816-C43997C28C59}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe
FirewallRules: [{6AC70A02-70D8-403C-BEF5-2B7D267ED52F}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe
FirewallRules: [{5A68DF4F-7D67-41E4-ABFC-FC590051629F}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE

==================== Restore Points =========================

24-03-2018 19:30:37 Windows Update
24-03-2018 19:32:07 Windows Update

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2018 06:34:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-RFRTGRN)
Description: Balíček Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/20/2018 04:44:59 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (03/20/2018 04:42:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: mighost (3532,R,0) TILEREPOSITORYS-1-0-0: Při otevírání souboru protokolu C:\Users\Default\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2018 04:41:55 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (03/20/2018 04:41:55 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (03/20/2018 04:41:54 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

System errors:
=============
Error: (03/24/2018 07:48:56 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/24/2018 07:38:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/24/2018 07:32:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): 2018-03 Kumulativní aktualizace pro Windows 10 Version 1709 pro systémy typu x64 (KB4088776).

Error: (03/24/2018 07:24:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/24/2018 07:24:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby FontCache3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (03/24/2018 07:23:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/24/2018 07:23:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/24/2018 07:23:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Windows Defender:
===================================
Date: 2018-03-24 19:06:03.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

Date: 2018-03-24 19:06:03.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.251.42.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.14104.0
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N3350 @ 1.10GHz
Percentage of memory in use: 46%
Total physical RAM: 3959.73 MB
Available physical RAM: 2120.23 MB
Total Virtual: 5367.73 MB
Available Virtual: 3378.42 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.71 GB) (Free:406.32 GB) NTFS

\\?\Volume{8bff9cd9-2301-49a2-9d7a-145609f408d3}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32
\\?\Volume{37c35903-7281-4cd9-9731-adefffcac825}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FE4A668C)

Partition: GPT.

==================== End of Addition.txt ============================

sarka124 · #6 Příspěvek od **sarka124** » 24 bře 2018 21:11

Omylem jsem to nahrála dvakrát a nejde mi to smazat.

#7 Příspěvek od **Conder** » 24 bře 2018 22:45

Doinstaluj aktualizacie cez Nastavenia -> Aktualizacia a zabezpecenie -> Vyhladat aktualizacie.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
U1 aswbdisk; no ImagePath
2018-03-24 19:23 - 2017-10-09 15:55 - 000000000 ____D C:\ProgramData\McAfee
2018-03-24 19:09 - 2017-10-09 15:56 - 000000000 ____D C:\Program Files\mcafee
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

sarka124 · #8 Příspěvek od **sarka124** » 25 bře 2018 17:59

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by mirek (25-03-2018 18:00:00) Run:1
Running from C:\Users\mirek\OneDrive\Plocha
Loaded Profiles: mirek (Available Profiles: mirek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
U1 aswbdisk; no ImagePath
2018-03-24 19:23 - 2017-10-09 15:55 - 000000000 ____D C:\ProgramData\McAfee
2018-03-24 19:09 - 2017-10-09 15:56 - 000000000 ____D C:\Program Files\mcafee
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1478508248-391976161-3340998328-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\ProgramData\McAfee => moved successfully
C:\Program Files\mcafee => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MCODS" => removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc" => removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MCODS" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11623501 B
Java, Flash, Steam htmlcache => 735 B
Windows/system/drivers => 6320713 B
Edge => 249797328 B
Chrome => 0 B
Firefox => 259344805 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13900 B
NetworkService => 3364 B
mirek => 11999504 B

RecycleBin => 0 B
EmptyTemp: => 519.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 25-03-2018 18:58:02)

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 18:58:02 ====

#9 Příspěvek od **Conder** » 25 bře 2018 18:58

Ako to vyzera s PC? Nastala nejaka zmena?

VIRY.CZ

nový notebook je pomalý

nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý

Re: nový notebook je pomalý