neskutočne pomalý NTB
Napsal: 18 črc 2019 11:30
Zdravím a prosím o pomoc. Mám relatívne nový NTB, kupovala som ho synovi, ale je neskutočne pomalý. Načítanie nejakej aplikácie trvá aj niekoľko minút. Prikladám log z FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by xxx (administrator) on DESKTOP-UDT5KLA (Dell Inc. Vostro 15-3568) (18-07-2019 11:27:16)
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Platform: Windows 10 Enterprise Version 1803 17134.765 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\65629022-5673-4574-908E-E04E9AAE735B\MpSigStub.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-dc659068.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270208 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1112960 2018-03-14] (AnchorFree Inc -> McAfee Inc.)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-06-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {35a77e2d-cd70-11e8-9bc7-90324b9d6f12} - "Z:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {5ffd0639-b57a-11e8-9bc2-806e6f6e6963} - "D:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {76f8ae8b-d086-11e8-9bcd-90324b9d6f12} - "E:\Setup.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {76f8b8e0-d086-11e8-9bcd-90324b9d6f12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {e738f9b0-c0cb-11e8-9bc5-90324b9d6f12} - "E:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {e738fca5-c0cb-11e8-9bc5-90324b9d6f12} - "Z:\autorun.exe"
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2018-09-13]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AEF2AEB-021B-4331-A371-B8A92364FE0B} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {18140C52-4E54-4621-9567-C0111370612A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {272B8DD1-C161-479B-8668-196293E8D09C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {28416909-741B-4390-B827-04A7744350D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask => {D2CBF5F7-5702-440B-8D8F-8203034A6B82} C:\WINDOWS\System32\WpcRefreshTask.dll [840704 2018-04-12] (Microsoft Corporation)
Task: {474CF3F7-4804-4B91-BFD2-69826575AE0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-11] (Google Inc -> Google Inc.)
Task: {55384E6F-8AB1-43B2-9CB2-D42C47D13AFC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-18] (Adobe Inc. -> Adobe)
Task: {56E7F278-0489-48B4-AB78-7C6671EEFBA5} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {642ED062-F7AC-4492-A3B4-7DD19B182300} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBCB5983-C8A3-480E-A86A-97DDB918DBB9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3018120 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {BCCCA9C4-E659-4D37-B1C1-D0ED7A4320F3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D4241D4F-BD78-427B-989E-FE75079BC6FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC15A2A2-5564-4E93-A9E9-8C03C120D20B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EB955C-44DE-4E9E-8D51-D1CF73C6D571} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-18] (Adobe Inc. -> Adobe)
Task: {E7F78BF5-043E-4158-BF56-F57A063439BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F56B9952-BBE0-45AD-8082-684D945733F8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {F892D52D-04DD-42FF-86A4-02B8206C37FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEF0E9AB-8EB2-4335-9B40-8BC8FCB6F262} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-11] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 192.168.3.105
Tcpip\..\Interfaces\{359b1e2b-d539-43fe-8d02-879711f89f48}: [DhcpNameServer] 10.13.143.1 158.197.16.31 158.197.8.8
Tcpip\..\Interfaces\{866d7448-2f4a-4985-87ce-6fce9284e8aa}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9067d176-31d2-4858-a2a3-254ad93f3a8e}: [DhcpNameServer] 192.168.1.20 192.168.3.105
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 2ryg9502.default
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default [2019-07-18]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default\Extensions\sp@avast.com.xpi [2019-02-13]
FF Extension: (Avast Online Security) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default\Extensions\wrc@avast.com.xpi [2019-07-18] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2019-05-28]
CHR Extension: (Prezentácie) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-11]
CHR Extension: (Dokumenty) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Disk Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-12]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Adobe Acrobat) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-25]
CHR Extension: (Tabuľky) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-11]
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [424288 2018-05-22] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648616 2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2223864 2018-09-11] (Intel Corporation -> Intel Corporation)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [314368 2018-03-06] (AnchorFree Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [882496 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [75320 2018-09-11] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [358968 2018-09-11] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [63496 2018-09-11] (Intel(R) Software -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2328456 2018-09-11] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [955392 2018-09-11] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2018-09-11] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-05-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-21] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 11:27 - 2019-07-18 11:39 - 000027486 _____ C:\Users\xxx\Desktop\FRST.txt
2019-07-18 11:26 - 2019-07-18 11:27 - 000000000 ____D C:\FRST
2019-07-18 11:24 - 2019-07-18 11:24 - 002095104 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2019-07-18 11:16 - 2019-02-13 21:23 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 11:35 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-18 11:35 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-18 11:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-18 11:25 - 2019-01-07 18:43 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-07-18 11:25 - 2018-10-03 14:38 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-07-18 11:25 - 2018-10-03 14:38 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-07-18 11:24 - 2019-05-23 22:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 11:23 - 2018-10-03 14:34 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-18 11:20 - 2019-04-18 20:57 - 000000440 _____ C:\Users\xxx\Desktop\Tento počítač - odkaz.lnk
2019-07-18 11:16 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-18 11:14 - 2018-12-12 11:28 - 000000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2019-07-18 11:11 - 2018-09-11 14:37 - 000000000 __SHD C:\Users\xxx\IntelGraphicsProfiles
2019-07-18 11:10 - 2018-09-12 07:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-18 11:10 - 2018-09-12 07:49 - 000000000 ____D C:\Users\xxx
2019-07-18 11:10 - 2018-09-12 07:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-18 11:08 - 2018-09-11 15:56 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-18 10:58 - 2018-12-12 11:37 - 000004584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-18 10:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-18 10:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories ================
2018-10-12 13:40 - 2018-10-12 13:40 - 000007602 _____ () C:\Users\xxx\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by xxx (18-07-2019 11:44:46)
Running from C:\Users\xxx\Desktop
Windows 10 Enterprise Version 1803 17134.765 (X64) (2018-09-12 05:59:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1040883599-3043935128-2424671946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1040883599-3043935128-2424671946-503 - Limited - Disabled)
Guest (S-1-5-21-1040883599-3043935128-2424671946-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1040883599-3043935128-2424671946-504 - Limited - Disabled)
xxx (S-1-5-21-1040883599-3043935128-2424671946-1001 - Administrator - Enabled) => C:\Users\xxx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.3.4.1503 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 4.1.21.2018 - BlueStack Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0634 - Disc Soft Ltd)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.0 - GIANTS Software)
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.0 - GIANTS Software)
Game Debate Hardware Scanner version 0.1.3 (HKLM-x32\...\{D81698E2-9F9C-4C66-BC9C-FC7F7FCFA55D}_is1) (Version: 0.1.3 - Social Webtech LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 14.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9434.1 - Waves Audio Ltd.) Hidden
McAfee Safe Connect (HKLM-x32\...\{8DF95C34-C5EB-4026-9C86-E49F2A94677A}) (Version: 1.6.0.223 - McAfee, Inc)
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 sk) (HKLM\...\Mozilla Firefox 67.0 (x64 sk)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8403 - Realtek Semiconductor Corp.)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.5.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.5.0 - Wondershare)
World of Tanks (HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Packages:
=========
Asistent pre telefón Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-09-11] (Microsoft Corporation)
Forza Horizon 4 Demo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4Demo_1.192.906.2_x64__8wekyb3d8bbwe [2019-04-14] (Microsoft Studios)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-25] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Microsoft To-Do -> C:\Program Files\WindowsApps\Microsoft.Todos_1.58.21492.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_19.10521.3620.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-18] (Microsoft Corporation) [MS Ad]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-09-12] (Microsoft Research)
Office Lens -> C:\Program Files\WindowsApps\Microsoft.OfficeLens_16.0.31091.0_x64__8wekyb3d8bbwe [2018-09-12] (Microsoft Corporation)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1040883599-3043935128-2424671946-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxDTCM.dll [2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-03-04 20:27 - 2019-03-04 20:28 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-03-04 20:28 - 2019-03-04 20:28 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-03-04 20:28 - 2019-03-04 20:28 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-07-18 08:26 - 2019-07-18 11:18 - 000741432 _____ () [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\65629022-5673-4574-908E-E04E9AAE735B\MpSigStub.exe
2018-09-12 09:44 - 2018-09-12 09:44 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-03-04 20:27 - 2019-03-04 20:27 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2019-01-04 18:04 - 000000846 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.20 - 192.168.3.105
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "World of Tanks"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00206A87-8EFC-4632-8DAB-5FD31236FCED}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{262E7389-B0FA-470B-AD07-DAFB632547A9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1600D9FC-C04F-42C6-8719-B107A8CEF763}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B4EECAF-D020-4988-B213-14FCC3F81227}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3B738E60-30EB-4B46-A768-D0757DA3D6F8}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{F0636280-AA0C-4EB1-808F-8BB6F0C2EEE8}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [{98E25F4A-D374-47D8-87A8-93EDE2C3EB6A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6D1E6952-33C7-4199-B29A-305BFF15FF12}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8D831F95-1F73-44DD-BA30-157A4748D90B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{4C1CB7FD-C2DA-4ED1-B027-804C4C88ECD5}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{654C01C0-88E1-44E6-B57F-263A4B8F036E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{FB2A5153-4938-49AD-ADC2-466B298C4D93}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{23B27654-3B79-4F55-96B5-F12BADBFCBB1}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [TCP Query User{D58497DE-2FAC-4A6D-BA0C-3017C1CB39FF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{9C6ACB43-29CA-486A-B73A-1DDD8293BF5C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{00D022D5-64C8-492B-8797-F1A2D1377D12}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{988FCB0E-39F1-4BD0-B734-DD7CEC021CB4}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D4E0755A-23B3-4C90-B0BC-6CDA1459D59C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{DFF75E6C-B4DF-49F6-AB50-F73F84D0EF26}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{339B4A29-E52C-40B6-B8EE-C88F62659261}C:\users\xxx\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{3EAEA268-EA41-442F-975F-0AE7D365F7C3}C:\users\xxx\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{10F78E26-8EA6-49CC-9967-2C6BD9AA74AF}C:\users\xxx\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{B8404FF5-0F54-494F-AE79-17E183B9BE44}C:\users\xxx\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\win64\aces.exe No File
FirewallRules: [{4B1B5710-D2FE-45FF-9683-D63A9AFA8B10}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{0A7BBF65-F575-427B-9051-DB6A77AA1014}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{68E356AE-B1D3-4FA5-A388-A5BDE071AC69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D9A34C44-7B9D-4406-99D8-FE1219E81475}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{21E70874-E786-4ADD-9717-D37E7C5BCBA4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{62F8996F-3961-4361-A6C8-0EFE8F1B648E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{0FDE7CB8-1E38-4173-AC7F-0FBB863C9474}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [TCP Query User{F65A44BB-DF8E-42A1-AA27-C0C630F58845}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{969DDED3-FA4C-456F-8466-DF59CB6DB390}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9B26BD3A-42F9-4AD1-AD48-6013E01819B3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DDEE2A4F-AADC-4F5B-885C-BF40CAD2162C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{ADE3B56E-E87F-497D-B509-01C2DCF3E110}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFB13CB2-0516-4142-BE33-E454CC8F96DD}] => (Allow) LPort=2869
FirewallRules: [{F5C18984-E9A6-4E75-BF2B-41523F44C827}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{77707D71-F4B7-4BAE-B060-6EF23347DB6B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{9FCD90EF-CE01-4A7F-8BFB-3625B8CBAA8A}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{FB895D5E-C074-4235-B479-88CE06E239A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{A2D7B9BE-75E5-476D-BC99-2CD28EAFAD3A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{52BF26FE-946C-4C58-B6AB-B88E7D70DEC5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
18-04-2019 20:57:14 Windows Update
25-05-2019 09:53:53 Windows Update
17-06-2019 14:49:36 Windows Update
18-07-2019 11:26:02 Windows Update
18-07-2019 11:27:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43475 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 289
Executing Function: ConfigTdpPolicy::onOperatingSystemConfigTdpLevelChanged
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43463 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43462 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 330
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:01:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/18/2019 10:57:13 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 4387564360 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 10:57:13 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 4387564358 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 330
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]
Error: (06/17/2019 01:12:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (06/17/2019 01:08:26 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 1716599819 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
System errors:
=============
Error: (07/18/2019 11:50:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UDT5KLA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-UDT5KLA\xxx SID (S-1-5-21-1040883599-3043935128-2424671946-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/18/2019 11:49:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UDT5KLA)
Description: The server Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (07/18/2019 11:27:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246013: 2019-02, aktualizácia pre Windows 10 Version 1803 pre systémy s procesorom typu x64 (KB4346084).
Error: (07/18/2019 11:22:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (07/18/2019 11:20:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service sa pri spustení zablokovala.
Error: (07/18/2019 11:18:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.
Error: (07/18/2019 11:17:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia definícií pre Windows Defender Antivirus - KB2267602 (Definícia 1.297.1313.0).
Error: (07/18/2019 11:15:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správca stiahnutých máp sa pri spustení zablokovala.
Windows Defender:
===================================
Date: 2019-05-21 16:05:33.277
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {36098F3B-E78E-4319-A3C4-DBC44C0F81BD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-26 18:41:48.636
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6A9BBFE2-FB74-4D0C-93D0-8576BF5F1643}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-15 00:06:32.965
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0ECE3E94-C10A-4291-9D3C-E8F85303C987}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-14 22:30:04.360
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1D154975-F114-48D3-A6EC-43F11DE85A6D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-14 21:53:03.745
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F14E7BBE-4B8B-4B3C-B40B-05E72EF09FA6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-07-18 11:48:03.310
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:48:03.309
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:48:03.308
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:16:16.390
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x80246007
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2019-05-25 11:11:09.992
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.2222.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
==================== Memory info ===========================
BIOS: Dell Inc. 2.6.0 05/15/2018
Motherboard: Dell Inc. 05HRPP
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 79%
Total physical RAM: 3961.95 MB
Available physical RAM: 801.96 MB
Total Virtual: 6137.95 MB
Available Virtual: 1886.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.19 GB) (Free:785.31 GB) NTFS
\\?\Volume{fef8a4d6-03df-43e6-8405-7bc2d9705f1d}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6917e025-c01c-4a2d-be5e-42c72a43d835}\ () (Fixed) (Total:0.76 GB) (Free:0.34 GB) NTFS
\\?\Volume{cefc9745-380b-4132-a4c0-2d542b4b9f87}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C5476D25)
Partition: GPT.
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by xxx (administrator) on DESKTOP-UDT5KLA (Dell Inc. Vostro 15-3568) (18-07-2019 11:27:16)
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Platform: Windows 10 Enterprise Version 1803 17134.765 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\65629022-5673-4574-908E-E04E9AAE735B\MpSigStub.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-dc659068.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270208 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505736 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1220416 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1112960 2018-03-14] (AnchorFree Inc -> McAfee Inc.)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35519888 2019-06-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {35a77e2d-cd70-11e8-9bc7-90324b9d6f12} - "Z:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {5ffd0639-b57a-11e8-9bc2-806e6f6e6963} - "D:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {76f8ae8b-d086-11e8-9bcd-90324b9d6f12} - "E:\Setup.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {76f8b8e0-d086-11e8-9bcd-90324b9d6f12} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {e738f9b0-c0cb-11e8-9bc5-90324b9d6f12} - "E:\autorun.exe"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\MountPoints2: {e738fca5-c0cb-11e8-9bc5-90324b9d6f12} - "Z:\autorun.exe"
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-24] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2018-09-13]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AEF2AEB-021B-4331-A371-B8A92364FE0B} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {18140C52-4E54-4621-9567-C0111370612A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {272B8DD1-C161-479B-8668-196293E8D09C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {28416909-741B-4390-B827-04A7744350D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BB692C1-F60F-479E-ADC2-1CAF9422A2AC} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask => {D2CBF5F7-5702-440B-8D8F-8203034A6B82} C:\WINDOWS\System32\WpcRefreshTask.dll [840704 2018-04-12] (Microsoft Corporation)
Task: {474CF3F7-4804-4B91-BFD2-69826575AE0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-11] (Google Inc -> Google Inc.)
Task: {55384E6F-8AB1-43B2-9CB2-D42C47D13AFC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-18] (Adobe Inc. -> Adobe)
Task: {56E7F278-0489-48B4-AB78-7C6671EEFBA5} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {642ED062-F7AC-4492-A3B4-7DD19B182300} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {BBCB5983-C8A3-480E-A86A-97DDB918DBB9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3018120 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {BCCCA9C4-E659-4D37-B1C1-D0ED7A4320F3} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {D4241D4F-BD78-427B-989E-FE75079BC6FF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC15A2A2-5564-4E93-A9E9-8C03C120D20B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4EB955C-44DE-4E9E-8D51-D1CF73C6D571} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-18] (Adobe Inc. -> Adobe)
Task: {E7F78BF5-043E-4158-BF56-F57A063439BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F56B9952-BBE0-45AD-8082-684D945733F8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2281944 2019-06-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {F892D52D-04DD-42FF-86A4-02B8206C37FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEF0E9AB-8EB2-4335-9B40-8BC8FCB6F262} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-11] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20 192.168.3.105
Tcpip\..\Interfaces\{359b1e2b-d539-43fe-8d02-879711f89f48}: [DhcpNameServer] 10.13.143.1 158.197.16.31 158.197.8.8
Tcpip\..\Interfaces\{866d7448-2f4a-4985-87ce-6fce9284e8aa}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9067d176-31d2-4858-a2a3-254ad93f3a8e}: [DhcpNameServer] 192.168.1.20 192.168.3.105
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2019-05-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2019-03-12] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 2ryg9502.default
FF ProfilePath: C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default [2019-07-18]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default\Extensions\sp@avast.com.xpi [2019-02-13]
FF Extension: (Avast Online Security) - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\2ryg9502.default\Extensions\wrc@avast.com.xpi [2019-07-18] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2019-03-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-18] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-21] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default [2019-05-28]
CHR Extension: (Prezentácie) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-11]
CHR Extension: (Dokumenty) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-12]
CHR Extension: (Disk Google) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-12]
CHR Extension: (YouTube) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-12]
CHR Extension: (Adobe Acrobat) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-25]
CHR Extension: (Tabuľky) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-11]
CHR Extension: (Gmail) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [424288 2018-05-22] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3648616 2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2223864 2018-09-11] (Intel Corporation -> Intel Corporation)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [314368 2018-03-06] (AnchorFree Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [882496 2018-03-06] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-21] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [101152 2017-06-01] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-14] (AVAST Software s.r.o. -> AVAST Software)
S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-06-21] (Bluestack Systems, Inc. -> Bluestack System Inc. )
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [75320 2018-09-11] (Intel Corporation -> Intel Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-10-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-10-03] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [358968 2018-09-11] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [63496 2018-09-11] (Intel(R) Software -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2328456 2018-09-11] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [955392 2018-09-11] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [436224 2018-09-11] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-05-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-05-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-21] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 11:27 - 2019-07-18 11:39 - 000027486 _____ C:\Users\xxx\Desktop\FRST.txt
2019-07-18 11:26 - 2019-07-18 11:27 - 000000000 ____D C:\FRST
2019-07-18 11:24 - 2019-07-18 11:24 - 002095104 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2019-07-18 11:16 - 2019-02-13 21:23 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 11:35 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-18 11:35 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-18 11:31 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-18 11:25 - 2019-01-07 18:43 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-07-18 11:25 - 2018-10-03 14:38 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-07-18 11:25 - 2018-10-03 14:38 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-07-18 11:24 - 2019-05-23 22:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-18 11:23 - 2018-10-03 14:34 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-07-18 11:20 - 2019-04-18 20:57 - 000000440 _____ C:\Users\xxx\Desktop\Tento počítač - odkaz.lnk
2019-07-18 11:16 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-18 11:14 - 2018-12-12 11:28 - 000000000 ____D C:\Users\xxx\AppData\LocalLow\Mozilla
2019-07-18 11:11 - 2018-09-11 14:37 - 000000000 __SHD C:\Users\xxx\IntelGraphicsProfiles
2019-07-18 11:10 - 2018-09-12 07:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-18 11:10 - 2018-09-12 07:49 - 000000000 ____D C:\Users\xxx
2019-07-18 11:10 - 2018-09-12 07:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-18 11:08 - 2018-09-11 15:56 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-18 10:58 - 2018-12-12 11:37 - 000004584 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-18 10:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-18 10:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
==================== Files in the root of some directories ================
2018-10-12 13:40 - 2018-10-12 13:40 - 000007602 _____ () C:\Users\xxx\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2019 01
Ran by xxx (18-07-2019 11:44:46)
Running from C:\Users\xxx\Desktop
Windows 10 Enterprise Version 1803 17134.765 (X64) (2018-09-12 05:59:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1040883599-3043935128-2424671946-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1040883599-3043935128-2424671946-503 - Limited - Disabled)
Guest (S-1-5-21-1040883599-3043935128-2424671946-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1040883599-3043935128-2424671946-504 - Limited - Disabled)
xxx (S-1-5-21-1040883599-3043935128-2424671946-1001 - Administrator - Enabled) => C:\Users\xxx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.223 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.3.4.1503 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 4.1.21.2018 - BlueStack Systems, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0634 - Disc Soft Ltd)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.64 - Synaptics Incorporated)
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.0 - GIANTS Software)
Farming Simulator 19 (HKLM-x32\...\FarmingSimulator2019_is1) (Version: 1.0 - GIANTS Software)
Game Debate Hardware Scanner version 0.1.3 (HKLM-x32\...\{D81698E2-9F9C-4C66-BC9C-FC7F7FCFA55D}_is1) (Version: 0.1.3 - Social Webtech LTD)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Codec Pack 14.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9434.1 - Waves Audio Ltd.) Hidden
McAfee Safe Connect (HKLM-x32\...\{8DF95C34-C5EB-4026-9C86-E49F2A94677A}) (Version: 1.6.0.223 - McAfee, Inc)
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 67.0 (x64 sk) (HKLM\...\Mozilla Firefox 67.0 (x64 sk)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8403 - Realtek Semiconductor Corp.)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare MobileGo(Version 8.5.0) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.5.0 - Wondershare)
World of Tanks (HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Packages:
=========
Asistent pre telefón Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-09-11] (Microsoft Corporation)
Forza Horizon 4 Demo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4Demo_1.192.906.2_x64__8wekyb3d8bbwe [2019-04-14] (Microsoft Studios)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2019-05-25] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-14] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-05-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Microsoft To-Do -> C:\Program Files\WindowsApps\Microsoft.Todos_1.58.21492.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_19.10521.3620.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-18] (Microsoft Corporation) [MS Ad]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-09-12] (Microsoft Research)
Office Lens -> C:\Program Files\WindowsApps\Microsoft.OfficeLens_16.0.31091.0_x64__8wekyb3d8bbwe [2018-09-12] (Microsoft Corporation)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1040883599-3043935128-2424671946-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-09-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\k127153.inf_amd64_3f3936d8dec668b8\igfxDTCM.dll [2018-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-03-04 20:27 - 2019-03-04 20:28 - 098275328 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2019-03-04 20:28 - 2019-03-04 20:28 - 000092672 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2019-03-04 20:28 - 2019-03-04 20:28 - 003922432 _____ () [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2019-07-18 08:26 - 2019-07-18 11:18 - 000741432 _____ () [File not signed] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\65629022-5673-4574-908E-E04E9AAE735B\MpSigStub.exe
2018-09-12 09:44 - 2018-09-12 09:44 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-03-04 20:27 - 2019-03-04 20:27 - 000547840 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2019-01-04 18:04 - 000000846 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.20 - 192.168.3.105
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "McAfeeSafeConnect"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1040883599-3043935128-2424671946-1001\...\StartupApproved\Run: => "World of Tanks"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00206A87-8EFC-4632-8DAB-5FD31236FCED}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{262E7389-B0FA-470B-AD07-DAFB632547A9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1600D9FC-C04F-42C6-8719-B107A8CEF763}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B4EECAF-D020-4988-B213-14FCC3F81227}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3B738E60-30EB-4B46-A768-D0757DA3D6F8}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [UDP Query User{F0636280-AA0C-4EB1-808F-8BB6F0C2EEE8}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe (Wondershare Technology Co.,Ltd -> Wondershare)
FirewallRules: [{98E25F4A-D374-47D8-87A8-93EDE2C3EB6A}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6D1E6952-33C7-4199-B29A-305BFF15FF12}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{8D831F95-1F73-44DD-BA30-157A4748D90B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{4C1CB7FD-C2DA-4ED1-B027-804C4C88ECD5}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{654C01C0-88E1-44E6-B57F-263A4B8F036E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{FB2A5153-4938-49AD-ADC2-466B298C4D93}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{23B27654-3B79-4F55-96B5-F12BADBFCBB1}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [TCP Query User{D58497DE-2FAC-4A6D-BA0C-3017C1CB39FF}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{9C6ACB43-29CA-486A-B73A-1DDD8293BF5C}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{00D022D5-64C8-492B-8797-F1A2D1377D12}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{988FCB0E-39F1-4BD0-B734-DD7CEC021CB4}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{D4E0755A-23B3-4C90-B0BC-6CDA1459D59C}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{DFF75E6C-B4DF-49F6-AB50-F73F84D0EF26}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{339B4A29-E52C-40B6-B8EE-C88F62659261}C:\users\xxx\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\launcher.exe No File
FirewallRules: [UDP Query User{3EAEA268-EA41-442F-975F-0AE7D365F7C3}C:\users\xxx\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\launcher.exe No File
FirewallRules: [TCP Query User{10F78E26-8EA6-49CC-9967-2C6BD9AA74AF}C:\users\xxx\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\win64\aces.exe No File
FirewallRules: [UDP Query User{B8404FF5-0F54-494F-AE79-17E183B9BE44}C:\users\xxx\appdata\local\warthunder\win64\aces.exe] => (Allow) C:\users\xxx\appdata\local\warthunder\win64\aces.exe No File
FirewallRules: [{4B1B5710-D2FE-45FF-9683-D63A9AFA8B10}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe (BlueStack Systems, Inc.) [File not signed]
FirewallRules: [{0A7BBF65-F575-427B-9051-DB6A77AA1014}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{68E356AE-B1D3-4FA5-A388-A5BDE071AC69}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D9A34C44-7B9D-4406-99D8-FE1219E81475}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{21E70874-E786-4ADD-9717-D37E7C5BCBA4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\FarmingSimulator2019.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{62F8996F-3961-4361-A6C8-0EFE8F1B648E}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{0FDE7CB8-1E38-4173-AC7F-0FBB863C9474}] => (Allow) C:\Program Files (x86)\Farming Simulator 2019\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [TCP Query User{F65A44BB-DF8E-42A1-AA27-C0C630F58845}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{969DDED3-FA4C-456F-8466-DF59CB6DB390}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9B26BD3A-42F9-4AD1-AD48-6013E01819B3}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DDEE2A4F-AADC-4F5B-885C-BF40CAD2162C}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{ADE3B56E-E87F-497D-B509-01C2DCF3E110}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFB13CB2-0516-4142-BE33-E454CC8F96DD}] => (Allow) LPort=2869
FirewallRules: [{F5C18984-E9A6-4E75-BF2B-41523F44C827}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{77707D71-F4B7-4BAE-B060-6EF23347DB6B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{9FCD90EF-CE01-4A7F-8BFB-3625B8CBAA8A}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{FB895D5E-C074-4235-B479-88CE06E239A9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{A2D7B9BE-75E5-476D-BC99-2CD28EAFAD3A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{52BF26FE-946C-4C58-B6AB-B88E7D70DEC5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
==================== Restore Points =========================
18-04-2019 20:57:14 Windows Update
25-05-2019 09:53:53 Windows Update
17-06-2019 14:49:36 Windows Update
18-07-2019 11:26:02 Windows Update
18-07-2019 11:27:58 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43475 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 289
Executing Function: ConfigTdpPolicy::onOperatingSystemConfigTdpLevelChanged
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43463 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:10:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 43462 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 330
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 11:01:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/18/2019 10:57:13 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 4387564360 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
Error: (07/18/2019 10:57:13 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 4387564358 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 330
Executing Function: ConfigTdpPolicy::synchronizeConfigTdpPlatformSettings
Message: ConfigTdp not supported.
Policy: ConfigTDP Policy [0]
Error: (06/17/2019 01:12:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (06/17/2019 01:08:26 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.11000.2996) TYPE: ERROR MODULE: DPTF TIME 1716599819 ms
DPTF Build Version: 8.2.11000.2996
DPTF Build Date: Aug 10 2016 11:44:33
Source File: ..\..\..\..\Sources\Policies\ConfigTdpPolicy\ConfigTdpPolicy.cpp @ line 152
Executing Function: ConfigTdpPolicy::onBindDomain
Message: ConfigTdp not supported.
Participant: TCPU [0]
Domain: PKG [0]
Policy: ConfigTDP Policy [0]
System errors:
=============
Error: (07/18/2019 11:50:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-UDT5KLA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-UDT5KLA\xxx SID (S-1-5-21-1040883599-3043935128-2424671946-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/18/2019 11:49:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-UDT5KLA)
Description: The server Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca did not register with DCOM within the required timeout.
Error: (07/18/2019 11:27:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246013: 2019-02, aktualizácia pre Windows 10 Version 1803 pre systémy s procesorom typu x64 (KB4346084).
Error: (07/18/2019 11:22:59 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {B91D5831-B1BD-4608-8198-D72E155020F7} did not register with DCOM within the required timeout.
Error: (07/18/2019 11:20:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Update Orchestrator Service sa pri spustení zablokovala.
Error: (07/18/2019 11:18:02 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.
Error: (07/18/2019 11:17:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x80246007: Aktualizácia definícií pre Windows Defender Antivirus - KB2267602 (Definícia 1.297.1313.0).
Error: (07/18/2019 11:15:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správca stiahnutých máp sa pri spustení zablokovala.
Windows Defender:
===================================
Date: 2019-05-21 16:05:33.277
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {36098F3B-E78E-4319-A3C4-DBC44C0F81BD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-26 18:41:48.636
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6A9BBFE2-FB74-4D0C-93D0-8576BF5F1643}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-15 00:06:32.965
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0ECE3E94-C10A-4291-9D3C-E8F85303C987}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-14 22:30:04.360
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1D154975-F114-48D3-A6EC-43F11DE85A6D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-03-14 21:53:03.745
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F14E7BBE-4B8B-4B3C-B40B-05E72EF09FA6}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-07-18 11:48:03.310
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:48:03.309
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:48:03.308
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-07-18 11:16:16.390
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.875.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x80246007
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
Date: 2019-05-25 11:11:09.992
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.2222.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240016
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
==================== Memory info ===========================
BIOS: Dell Inc. 2.6.0 05/15/2018
Motherboard: Dell Inc. 05HRPP
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 79%
Total physical RAM: 3961.95 MB
Available physical RAM: 801.96 MB
Total Virtual: 6137.95 MB
Available Virtual: 1886.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.19 GB) (Free:785.31 GB) NTFS
\\?\Volume{fef8a4d6-03df-43e6-8405-7bc2d9705f1d}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6917e025-c01c-4a2d-be5e-42c72a43d835}\ () (Fixed) (Total:0.76 GB) (Free:0.34 GB) NTFS
\\?\Volume{cefc9745-380b-4132-a4c0-2d542b4b9f87}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: C5476D25)
Partition: GPT.
==================== End of Addition.txt ============================