Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-05-2019
Ran by oem (administrator) on ICORE (MSI MS-7586) (16-05-2019 22:13:28)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Microsoft Windows 10 Pro Version 1709 16299.1029 (X86) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATLAS consulting, spol. s r.o.) [File not signed] C:\Program Files\ATLAS consulting\RegServer\RegSrv.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\CefHost.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\CefHost.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo.exe
(ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\oem\Downloads\esetonlinescanner_csy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\06ca011e35448b9bb8801815685193cc\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [488344 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2187336 2018-01-03] (AVG Technologies CZ, s.r.o. -> )
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [273328 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: G - "G:\AutoRun.exe" 
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: {908062c9-3388-11e9-a0ba-406186c0da4e} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: {9339a6f7-04ed-11e9-a0b9-406186c0da4e} - "G:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [28672 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\system32\divx.dll [696320 2009-11-14] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\divx.dll [696320 2009-11-14] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [85504 2010-03-03] () [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\system32\lhacm.acm [34064 2010-10-23] (Microsoft Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb [2018-06-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-05-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2014-12-01]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0435EEB5-6F4F-4AB8-B104-FD6DDCF5F4E8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1005F120-C2B4-485F-8AB3-EEFCD84713F9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13873A68-0EDD-48A5-9BDC-14E4437D98C6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {17D74F21-3A68-4872-80DE-46C09097D90E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {26A840EA-8779-4769-966F-E6D9CF6C9B53} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [1452600 2019-04-15] (Adobe Inc. -> Adobe)
Task: {2946701E-00A2-405E-A025-10FA13D3EFC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {29D80DDA-2827-48E5-BC5E-DE5156729896} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {31102998-DD02-4BFB-944F-A7E65FC3166C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3137F8E6-2839-49F0-80F3-9C34083012BA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33609921-108B-4FB1-976A-50C7EF7ADA8D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3D070303-1AAB-4BEE-BB0C-CDE1E3102B4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {41BC3682-FC43-4111-8A7B-15D2BBEE2064} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {41C5BEAE-1EBF-4A66-9EEE-90B94F2490F7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46B429CF-5B7B-4528-8E9D-2AAD976F8C67} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48E3A15D-415C-4A79-BDC2-4F7436D2C942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {5890F46B-80E2-466C-B0F5-EFECA785B633} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {58B5E360-30EA-4877-BCB8-9FD96C543707} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5C6F8FF7-5D99-48CE-BC93-DF9B73EBC3AC} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe
Task: {67EDA820-A552-47E4-BE38-0034A14AA803} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6904632E-F39A-4B89-8194-735D874F0987} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {700B5D4C-C336-4E0A-BB99-8954F8474D19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70B0FD7B-EF07-4A92-BBD5-DA1AEDD852F9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {72E68151-8CAC-4D1C-8DA4-D45506182346} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8A70CAF0-B62C-493B-B3E7-68CDF8355437} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A7AC7ED-C96F-4822-B341-7C3193E2CE42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8AAB2FE5-AF48-4EC1-8A0D-D110A30D92D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8F16C8B8-12CB-4834-8FBA-5B2F9F37328C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-16] (Adobe Inc. -> Adobe)
Task: {90571447-6C90-45BF-A8EB-803B61904694} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {93768DE9-5686-469B-A0A3-78369C609060} - System32\Tasks\S-1-5-21-2302488526-1930153894-2140200091-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [103424 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
Task: {965392D8-6FC0-441E-AE50-2339FC869C52} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A69E9C8C-2CF6-45AD-B192-AAEFF80E1368} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A9DBAA74-C2ED-450B-B861-87F75926F04B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AFE11930-D5E6-4E15-8098-E4B28763441C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6217CCE-505A-4A9A-AE1D-A46E4FEDE533} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B67BED8E-C2B5-4734-8CB7-F87D15212AB6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-08] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {B7222D0C-169D-4794-851B-A790115789FF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B7822517-000C-4729-8EEB-74E78374266A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BD02B9EE-97D3-4EF8-B98A-3EE8ABCD8C7C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3DADD13-D345-4831-9C79-BE33808656F1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C907790D-404F-4CD5-B540-68E2462955A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CFB539F0-5CF2-47BA-8C45-0D50F75887C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D260E6FB-01E9-4822-BCEE-D5C18800CF93} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6B01768-7D0A-4776-9351-80ED8E3B3771} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1F8771E-CC01-4305-85E4-10A6335F4609} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E97DA310-7B3F-4206-83A4-9B32D3152FD4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [129361720 2019-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F23C690D-9B19-4F62-BD94-5C8DA9315DDA} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2432944 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {F329B91C-9E8C-45EE-ADF0-0B6120C65ED5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-16] (Adobe Inc. -> Adobe)
Task: {F615CB1C-AE27-4BCD-8970-C96720EF933B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F97EC727-E419-4DA0-8064-E34022D27DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FE960905-09F5-4F78-BB7A-723B8D70C7F5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 8.8.4.4 212.158.128.2
Tcpip\..\Interfaces\{025d5e3d-ffbc-43f9-98c8-19c2a10b0ef3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5047f852-12bb-485e-bb07-e99c80b32b40}: [DhcpNameServer] 10.0.0.138 8.8.4.4 212.158.128.2
Tcpip\..\Interfaces\{a0d62480-197c-4a9a-b090-a2af7207d99b}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BD27F959-7303-4C49-94CB-DDF805D54BC7}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{da3ecdef-b40a-45c4-9494-ab8c150aa65c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fbae6ba2-f87f-4090-b584-7a9703290893}: [DhcpNameServer] 81.91.208.2 81.91.209.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131521904683928242&GUID=2E788215-178C-4C84-AAFB-D9FBADD71D71
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1435079503&z=1f3a26f43293ecf23fdb44cgcz5c3w2e9m4t7w5e2g&from=sien&uid=ST3640323AS_9VK099S1XXXX9VK099S1&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=mych123&uid=st3640323as_9vk099s1xxxx9vk099s1&z=1bcd6a2bcd2b8c8aec14eeegaz8c7t2m4tdo3z1o8z
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1435079503&z=1f3a26f43293ecf23fdb44cgcz5c3w2e9m4t7w5e2g&from=sien&uid=ST3640323AS_9VK099S1XXXX9VK099S1&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130880242427477700&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=mych123&uid=st3640323as_9vk099s1xxxx9vk099s1&z=1bcd6a2bcd2b8c8aec14eeegaz8c7t2m4tdo3z1o8z
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=mych123&uid=st3640323as_9vk099s1xxxx9vk099s1&z=1bcd6a2bcd2b8c8aec14eeegaz8c7t2m4tdo3z1o8z
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} -  No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1435079503&z=1f3a26f43293ecf23fdb44cgcz5c3w2e9m4t7w5e2g&from=sien&uid=ST3640323AS_9VK099S1XXXX9VK099S1&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1444634722&from=zzgbkk123&uid=st3640323as_9vk099s1xxxx9vk099s1&z=ae291cc69d64e50e5f5a75ag2zfzbzeqacbzdm4o0w&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5E927E8F-5FA8-47B2-A530-3875A24CC22F}&mid=1470f73081ce47cc83d29128c02433bd-b28529595758f60b2244ddbe41593d6c36d592b8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0817tb&pr=fr&d=2015-11-20 19:39:25&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: No Name -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> No File
BHO: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> No File
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2018-01-03] (AVG Technologies CZ, s.r.o. -> AVG)
BHO: No Name -> {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> hxxp://www.seznam.cz/

FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default [2017-08-23]
FF Homepage: Mozilla\Firefox\Profiles\k3yehuer.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\k3yehuer.default -> chrome://quick_start/content/index.html
FF Extension: (Default SearchProtected ) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\Extensions\defsearchp@gmail.com.xpi [2015-07-17] [Legacy] [not signed]
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\searchplugins\delta-homes.xml [2015-11-20]
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\searchplugins\mystartsearch.xml [2015-07-16]
FF HKLM\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\searchffv2@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\sweetsearch@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\default_newtabff@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\defsearchp@gmail.com => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-16] (Adobe Inc. -> )
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> mysearch.avg.com
CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2019-05-16]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-25]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-25]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-25]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-25]
CHR Extension: (AVG Secure Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-09-25]
CHR Extension: (Adobe Acrobat) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-25]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-25]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-25]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-25]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-16]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-30]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (AVG Secure Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-16]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-30]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtlasRegServer; C:\Program Files\ATLAS consulting\RegServer\RegSrv.exe [1069568 2010-11-02] (ATLAS consulting, spol. s r.o.) [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [316824 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5446808 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1019\McCHSvc.exe [325408 2019-04-24] (McAfee, Inc. -> McAfee, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] (CyberLink -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2891880 2019-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279408 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [88072 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [981576 2018-01-03] (AVG Technologies CZ, s.r.o. -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [34744 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [172472 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [220472 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [158584 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [255200 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [51320 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [14768 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [40736 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [138320 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [101032 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [72848 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [783072 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [403432 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [165304 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [312512 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-11-09] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [205800 2015-09-23] (ESET, spol. s r.o. -> ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [145512 2015-09-23] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [111040 2015-10-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [161992 2015-09-23] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44608 2015-09-23] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [56944 2015-09-23] (ESET, spol. s r.o. -> ESET)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [102912 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [101120 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [746752 2017-01-23] (Realtek Semiconductor Corp -> Realtek )
R1 tidnet; C:\WINDOWS\system32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15360 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37440 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [253848 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98200 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [186880 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:13 - 2019-05-16 22:19 - 000043666 _____ C:\Users\oem\Desktop\FRST.txt
2019-05-16 22:13 - 2019-05-16 22:13 - 000000000 ____D C:\FRST
2019-05-16 22:11 - 2019-05-16 22:12 - 001793536 _____ (Farbar) C:\Users\oem\Desktop\FRST.exe
2019-05-16 22:05 - 2019-05-16 22:06 - 002434560 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2019-05-16 20:33 - 2019-05-16 20:33 - 007659128 _____ (ESET spol. s r.o.) C:\Users\oem\Downloads\esetonlinescanner_csy.exe
2019-05-16 20:30 - 2019-05-16 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-05-16 20:29 - 2019-05-16 20:31 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-05-16 20:18 - 2019-05-16 20:18 - 458825508 _____ C:\WINDOWS\MEMORY.DMP
2019-05-16 20:18 - 2019-05-16 20:18 - 000000000 _____ C:\WINDOWS\Minidump\051619-46562-01.dmp
2019-05-16 15:05 - 2019-05-16 15:06 - 001962947 _____ C:\Users\oem\Desktop\SKMBT_C36019051612310.pdf
2019-05-16 15:04 - 2019-05-16 15:05 - 000965835 _____ C:\Users\oem\Desktop\SKMBT_C36019051612300.pdf
2019-05-16 15:03 - 2019-05-16 15:04 - 001800070 _____ C:\Users\oem\Desktop\SKMBT_C36019051612290.pdf
2019-05-16 15:01 - 2019-05-16 15:01 - 005074096 _____ C:\Users\oem\Desktop\SKMBT_C36019051612270.pdf
2019-05-16 10:54 - 2019-05-16 10:54 - 000038719 _____ C:\Users\oem\Downloads\1541 potvrzení o úhradě.pdf
2019-05-16 09:07 - 2019-05-16 09:07 - 000178689 _____ C:\Users\oem\Downloads\hlasování per rollam.pdf
2019-05-14 15:40 - 2019-05-14 15:40 - 000037844 _____ C:\Users\oem\Downloads\1547.pdf
2019-05-14 08:03 - 2019-05-14 08:03 - 000038595 _____ C:\Users\oem\Downloads\1544 KC1.pdf
2019-05-14 08:01 - 2019-05-14 08:02 - 000038072 _____ C:\Users\oem\Downloads\1546.pdf
2019-05-14 08:01 - 2019-05-14 08:02 - 000038072 _____ C:\Users\oem\Downloads\1546 (1).pdf
2019-05-13 11:10 - 2019-05-13 11:10 - 000391062 _____ C:\Users\oem\Downloads\Černušák (2).pdf
2019-05-13 11:10 - 2019-05-13 11:10 - 000390879 _____ C:\Users\oem\Downloads\Černušák (1).pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390879 _____ C:\Users\oem\Downloads\Černušák.pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390841 _____ C:\Users\oem\Downloads\Nytra.pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390799 _____ C:\Users\oem\Downloads\Šrůtek.pdf
2019-05-10 13:54 - 2019-05-10 13:55 - 000038016 _____ C:\Users\oem\Downloads\1545.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000038606 _____ C:\Users\oem\Downloads\1544.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000037864 _____ C:\Users\oem\Downloads\1538.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000037814 _____ C:\Users\oem\Downloads\1543 KC.pdf
2019-05-02 13:15 - 2019-05-02 13:15 - 005222662 _____ C:\Users\oem\Downloads\1556271943-c365be22a6fb84dfb2bb48b4a3a27f48.pdf
2019-05-02 11:45 - 2019-05-02 11:45 - 000038035 _____ C:\Users\oem\Downloads\1542.pdf
2019-05-02 11:45 - 2019-05-02 11:45 - 000037801 _____ C:\Users\oem\Downloads\1543.pdf
2019-04-26 08:44 - 2019-04-26 08:44 - 000707874 _____ C:\Users\oem\Downloads\UŽIVATELSKÁ PŘÍRUČKA PRO INVESTORY.pdf
2019-04-25 08:02 - 2019-04-25 08:00 - 000311216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-24 09:36 - 2019-04-24 09:36 - 000383966 _____ C:\Users\oem\Downloads\209_8411718709_37753B776E.pdf
2019-04-23 11:03 - 2019-04-23 11:03 - 000526321 _____ C:\Users\oem\Downloads\Domácnost VPP D 2017_02.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:15 - 2017-09-29 07:31 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-05-16 22:10 - 2017-12-21 10:13 - 000000000 ____D C:\Users\oem
2019-05-16 21:31 - 2017-02-03 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2019-05-16 21:31 - 2017-02-03 10:56 - 000000000 ____D C:\Program Files\FileViewPro
2019-05-16 20:33 - 2010-10-14 07:33 - 000000000 ____D C:\Users\oem\AppData\Local\ESET
2019-05-16 20:30 - 2019-02-18 08:57 - 000002164 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2019-05-16 20:30 - 2017-10-11 09:14 - 000000000 ____D C:\Program Files\McAfee Security Scan
2019-05-16 20:29 - 2012-11-28 18:47 - 000000000 ____D C:\ProgramData\McAfee
2019-05-16 20:18 - 2019-03-20 13:44 - 000000000 ____D C:\WINDOWS\Minidump
2019-05-16 20:18 - 2017-12-21 10:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-16 20:18 - 2017-12-21 10:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-16 20:18 - 2016-09-23 09:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-16 14:49 - 2018-04-12 07:31 - 000000000 ___HD C:\$WINDOWS.~BT
2019-05-16 14:49 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\Registration
2019-05-16 14:48 - 2017-12-21 10:30 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-05-16 14:48 - 2017-12-21 10:30 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-05-16 13:15 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2019-05-16 13:12 - 2017-12-19 10:20 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-16 13:12 - 2017-09-29 13:55 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-16 13:12 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-16 12:51 - 2015-11-09 19:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-16 12:44 - 2013-08-14 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-16 12:37 - 2010-04-24 16:50 - 129361720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-16 08:00 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 13:10 - 2018-10-04 09:05 - 000000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2019-05-13 08:08 - 2016-01-05 13:59 - 000002402 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-13 08:08 - 2015-11-09 19:09 - 000000000 ___RD C:\Users\oem\OneDrive
2019-05-10 11:34 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-07 11:16 - 2017-09-29 13:45 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-03 07:42 - 2010-08-21 08:02 - 000000000 ____D C:\Program Files\TeamViewer
2019-05-02 08:32 - 2015-11-20 20:21 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 08:32 - 2015-11-20 20:21 - 000002243 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 08:03 - 2019-04-15 08:02 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-25 08:03 - 2017-12-19 12:47 - 000403432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-25 08:03 - 2017-12-19 12:47 - 000312512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-25 08:02 - 2017-09-29 13:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 08:00 - 2019-01-15 08:59 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000255200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000158584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000051320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000034744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-25 08:00 - 2018-10-10 07:56 - 000040736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000783072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000172472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000165304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000138320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000101032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000072848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-16 08:05 - 2017-12-21 10:08 - 002465720 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-16 08:05 - 2017-09-30 14:07 - 001065998 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-16 08:05 - 2017-09-30 14:07 - 000257800 _____ C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2010-10-11 18:55 - 2010-10-11 18:58 - 000000220 _____ () C:\Users\oem\AppData\Roaming\data.dat
2010-10-18 07:30 - 2010-10-18 21:47 - 000139152 _____ () C:\Users\oem\AppData\Roaming\PnkBstrK.sys
2009-07-13 22:46 - 2009-06-10 23:23 - 001169224 ____H (Microsoft Corporation) C:\Users\oem\AppData\Roaming\SS.exe
2010-11-21 21:37 - 2011-10-30 13:23 - 000000600 _____ () C:\Users\oem\AppData\Roaming\winscp.rnd
2011-01-19 19:26 - 2011-01-19 19:26 - 000000017 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  cs-CZ
inherit                 {globalsettings}
default                 {current}
resumeobject            {f6f54994-e4da-11e7-a0ac-406186c0da4e}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {7cb62c7a-e625-11e7-893b-889fd9276604}
device                  ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{7cb62c7b-e625-11e7-893b-889fd9276604}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  cs-CZ
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{7cb62c7b-e625-11e7-893b-889fd9276604}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 10
locale                  cs-CZ
inherit                 {bootloadersettings}
recoverysequence        {7cb62c7a-e625-11e7-893b-889fd9276604}
displaymessageoverride  Recovery
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {f6f54994-e4da-11e7-a0ac-406186c0da4e}
nx                      OptIn
bootmenupolicy          Standard

Resume from Hibernate
---------------------
identifier              {f6f54994-e4da-11e7-a0ac-406186c0da4e}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  cs-CZ
inherit                 {resumeloadersettings}
recoverysequence        {7cb62c7a-e625-11e7-893b-889fd9276604}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
pae                     Yes
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Diagnostika pamŘti syst‚mu Windows
locale                  cs-CZ
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 No

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {7cb62c7b-e625-11e7-893b-889fd9276604}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume3
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


LastRegBack: 2019-05-06 11:20
==================== End of FRST.txt ============================