Please check my log

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

#1 Post by Zihos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by udrzbaaqp (administrator) on DESKTOP-POLALO5 (03-12-2018 07:35:26)
Running from C:\Users\udrzbaaqp\Downloads
Loaded Profiles: udrzbaaqp (Available Profiles: udrzbaaqp & admin)
Platform: Windows 10 Pro Version 1703 15063.1292 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
() C:\ProgramData\Logic Cramble\set.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\ProgramData\PrefsSecure\Nettrans.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\pcdrwi.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxEM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.12493.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
() C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2017-03-31] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [960896 2017-03-27] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-18] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23776552 2018-12-02] (Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [9314407] => "C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf\a2vaeht00mx.exe" /VERYSILENT
AppInit_DLLs: C:\ProgramData\Voyasollam\Toughla.dll => C:\ProgramData\Voyasollam\Toughla.dll [342528 2018-12-02] ()
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\SpanLab.dll => C:\ProgramData\Voyasollam\SpanLab.dll [460800 2018-12-02] ()
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e2cb4e83-ff22-4e83-8d4a-7bd8a6a9a3bc}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{f82cf98f-69c3-425b-ae5c-8530af3ed851}: [DhcpNameServer] 192.168.0.9

Internet Explorer:
==================
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjnq25h2LXBEwAMjb1A-onGvtD167c5Zv4gB7tECgD0_l9MDuaMz2Ehu-AO6AP-eG7OcIlltTt2B18yQxyr1Ublike9
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {5ECD7986-C300-4472-9D65-3E0E98EC1172} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)

FireFox:
========
FF Extension: (Adblocker na Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-02] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default [2018-12-02]
CHR Extension: (Slides) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-19]
CHR Extension: (Docs) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-19]
CHR Extension: (Google Drive) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-19]
CHR Extension: (Adblock Plus) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-11-15]
CHR Extension: (Sheets) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-19]
CHR Extension: (Google Docs Offline) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Save to Facebook) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2018-09-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-19]
CHR Extension: (TeamViewer) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-10-23]
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-09-23]
CHR Extension: (Gmail) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-19]
CHR Extension: (Chrome Media Router) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-26]
CHR Extension: (Stopwatch / Timer / Alarm) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2018-06-19]
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-02]
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 backlh; C:\ProgramData\Logic Cramble\set.exe [3780096 2018-12-02] () [File not signed] <==== ATTENTION
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe [1002816 2018-11-05] (PC-Doctor, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [43208 2015-11-27] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1612000 2015-11-27] (ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe [185032 2015-11-27] (ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-08-18] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-08-18] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [183560 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
R2 Nettrans; C:\ProgramData\PrefsSecure\Nettrans.exe [43520 2018-12-02] () [File not signed] <==== ATTENTION
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-03-31] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-08] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38872 2018-10-25] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [415112 2017-03-27] (Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-19] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
S2 CRMSvc; "C:\Users\udrzbaaqp\AppData\Roaming\CRMSvc\CRMSvc.exe" [X]
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BE2B905D-8940-4584-B996-F7A9B96E8F1E}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [281608 2016-10-20] (Alps Electric Co., Ltd.)
S3 cpuz140; C:\Users\udrzbaaqp\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2018-12-02] (CPUID) <==== ATTENTION
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation)
R3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-11-11] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-11-11] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [205288 2015-11-11] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-11] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69328 2015-11-11] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [70664 2017-08-18] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [733448 2016-10-06] (Intel Corporation)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8751632 2018-04-04] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [864704 2017-10-31] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-13] (STMicroelectronics)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-06-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313384 2018-06-19] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 07:35 - 2018-12-03 07:37 - 000022318 _____ C:\Users\udrzbaaqp\Downloads\FRST.txt
2018-12-03 07:35 - 2018-12-03 07:35 - 000000000 ____D C:\FRST
2018-12-03 07:34 - 2018-12-03 07:34 - 002417152 _____ (Farbar) C:\Users\udrzbaaqp\Downloads\FRST64.exe
2018-12-03 06:57 - 2018-12-03 06:57 - 000000000 ___HD C:\OneDriveTemp
2018-12-03 06:55 - 2018-12-03 06:55 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2018-12-02 21:55 - 2018-12-02 21:55 - 000000000 ___HD C:\$SysReset
2018-12-02 21:44 - 2017-12-08 23:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-12-02 21:44 - 2017-12-08 23:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-12-02 21:44 - 2017-12-08 23:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-12-02 21:44 - 2017-12-08 23:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-12-02 21:30 - 2018-12-02 21:30 - 000398648 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-02 21:28 - 2018-12-02 21:28 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Mozilla
2018-12-02 21:27 - 2018-12-02 21:32 - 000000000 ____D C:\ProgramData\pUIfuUUTjzrUMTVB
2018-12-02 21:27 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\VtuYtIvrjzmOrIBvrWR
2018-12-02 21:27 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\vevsoISKgkcDC
2018-12-02 21:27 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\loreCZYyGIE
2018-12-02 21:27 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\FVgedVjzKgFU2
2018-12-02 21:27 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\DjpYILTWU
2018-12-02 21:27 - 2018-12-02 21:27 - 000015606 _____ C:\Windows\SysWOW64\findit.xml
2018-12-02 21:27 - 2018-12-02 21:27 - 000003688 _____ C:\Windows\System32\Tasks\FastDataX Task
2018-12-02 21:27 - 2018-12-02 21:27 - 000003044 _____ C:\Windows\System32\Tasks\ClwhhsndxrpfQ2
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\ProgramData\Voyasollams
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\ProgramData\b4805af4-6847-1
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\ProgramData\b4805af4-53f5-0
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\ProgramData\88b6f583-3831-1
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\ProgramData\88b6f583-1457-0
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\Program Files (x86)\FastDataX
2018-12-02 21:27 - 2018-12-02 21:27 - 000000000 ____D C:\Program Files (x86)\bbIORqNasDUn
2018-12-02 21:27 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-12-02 21:27 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-12-02 21:27 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-12-02 21:27 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-12-02 21:27 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-12-02 21:27 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-12-02 21:27 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-12-02 21:27 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-12-02 21:27 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-12-02 21:27 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-12-02 21:27 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-12-02 21:27 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-12-02 21:27 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-12-02 21:27 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-12-02 21:27 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-12-02 21:27 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-12-02 21:27 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-12-02 21:27 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-12-02 21:27 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-12-02 21:27 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-12-02 21:27 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-12-02 21:27 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-12-02 21:27 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-12-02 21:27 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-12-02 21:27 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-12-02 21:27 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-12-02 21:27 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2018-12-02 21:27 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2018-12-02 21:27 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-12-02 21:27 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-12-02 21:27 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-12-02 21:27 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-12-02 21:27 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-12-02 21:27 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-12-02 21:27 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-12-02 21:27 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-12-02 21:27 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-12-02 21:27 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-12-02 21:27 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-12-02 21:27 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-12-02 21:27 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-12-02 21:26 - 2018-12-02 22:02 - 000000000 ____D C:\Program Files (x86)\Multitimer
2018-12-02 21:26 - 2018-12-02 21:58 - 000000000 ____D C:\ProgramData\PrefsSecure
2018-12-02 21:26 - 2018-12-02 21:30 - 000000000 ____D C:\Program Files\GWIQ5IDGYT
2018-12-02 21:26 - 2018-12-02 21:29 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf
2018-12-02 21:26 - 2018-12-02 21:29 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\CRMSvc
2018-12-02 21:26 - 2018-12-02 21:29 - 000000000 ____D C:\ProgramData\Voyasollam
2018-12-02 21:26 - 2018-12-02 21:28 - 000000000 ____D C:\Program Files (x86)\OneSystemCare
2018-12-02 21:26 - 2018-12-02 21:27 - 000722944 _____ C:\Users\udrzbaaqp\AppData\Local\sham.db
2018-12-02 21:26 - 2018-12-02 21:26 - 007813632 _____ C:\Users\udrzbaaqp\AppData\Local\agent.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 002025197 _____ C:\Users\udrzbaaqp\AppData\Local\Stringlam.tst
2018-12-02 21:26 - 2018-12-02 21:26 - 001995264 _____ (TODO: <Company name>) C:\Users\udrzbaaqp\AppData\Local\Stringlam.exe
2018-12-02 21:26 - 2018-12-02 21:26 - 001895382 _____ C:\Users\udrzbaaqp\AppData\Local\Voltfax.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000278510 _____ C:\Users\udrzbaaqp\AppData\Local\ApTraxit.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000140800 _____ C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000126464 _____ C:\Users\udrzbaaqp\AppData\Local\noah.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000070896 _____ C:\Users\udrzbaaqp\AppData\Local\Config.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000018432 _____ C:\Users\udrzbaaqp\AppData\Local\Main.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000016080 _____ C:\Users\udrzbaaqp\AppData\Local\InstallationConfiguration.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000005568 _____ C:\Users\udrzbaaqp\AppData\Local\md.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\One System Care
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\ProgramData\Logic Cramble
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\ProgramData\b199a7fe-d3aa-4ff9-9d61-b5dd5debd99d
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\Program Files (x86)\bubans
2018-12-02 21:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-12-02 21:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-12-02 21:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-12-02 21:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-12-02 21:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-12-02 21:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-12-02 21:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-12-02 21:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-12-02 21:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-12-02 21:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-12-02 21:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-12-02 21:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-12-02 21:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-12-02 21:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-12-02 21:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-12-02 21:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-12-02 21:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-12-02 21:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-12-02 21:25 - 2018-12-02 21:30 - 000000408 _____ C:\Windows\Tasks\Updater_Online_Application.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G6.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G5.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G4.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G3.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G2.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000376 _____ C:\Windows\Tasks\Online Application V2G1.job
2018-12-02 21:25 - 2018-12-02 21:30 - 000000000 ____D C:\Program Files (x86)\Action
2018-12-02 21:25 - 2018-12-02 21:25 - 000003302 _____ C:\Windows\System32\Tasks\Updater_Online_Application
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G6
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G5
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G4
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G3
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G2
2018-12-02 21:25 - 2018-12-02 21:25 - 000003266 _____ C:\Windows\System32\Tasks\Online Application V2G1
2018-12-02 21:25 - 2018-12-02 21:25 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Microleaves
2018-12-02 21:25 - 2018-12-02 21:25 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\AdvinstAnalytics
2018-12-02 21:25 - 2018-12-02 21:25 - 000000000 ____D C:\Program Files (x86)\Microleaves
2018-12-02 21:24 - 2018-12-02 21:29 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\William
2018-12-02 21:24 - 2018-12-02 21:27 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-12-02 21:24 - 2018-12-02 21:26 - 000000000 ___HD C:\Windows\msdownld.tmp
2018-12-02 21:24 - 2018-12-02 21:24 - 000586240 _____ C:\Users\udrzbaaqp\AppData\Roaming\AutoHot.exe
2018-12-02 20:13 - 2018-12-02 21:36 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Easeware
2018-12-02 18:24 - 2018-12-02 18:24 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2018-11-29 09:22 - 2018-11-29 09:22 - 000003368 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1142325245-130890802-2529674674-1367
2018-11-29 09:22 - 2018-11-29 09:22 - 000002431 _____ C:\Users\mbajannekk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-29 09:21 - 2017-08-28 14:21 - 000160768 _____ (KONICA MINOLTA, INC.) C:\Windows\KOBDrvAPIW64.EXE
2018-11-29 09:21 - 2017-08-28 14:21 - 000112120 _____ (KONICA MINOLTA, INC.) C:\Windows\system32\KOBDrvAPIIF.DLL
2018-11-29 09:21 - 2017-08-28 14:21 - 000104440 _____ (KONICA MINOLTA, INC.) C:\Windows\SysWOW64\KOBDrvAPIIF.DLL
2018-11-29 09:19 - 2018-11-29 09:19 - 000000000 ____D C:\Users\mbajannekk\Desktop\PCL6
2018-11-29 09:19 - 2017-08-28 14:20 - 000025600 _____ (KONICA MINOLTA, INC.) C:\Windows\system32\KOAXWJ_L.DLL
2018-11-29 09:18 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Roaming\Epson
2018-11-29 09:18 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\__SHARED
2018-11-29 09:17 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\Intel
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\mbamtray
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\Google
2018-11-29 06:59 - 2018-11-29 06:59 - 000003366 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1142325245-130890802-2529674674-2207
2018-11-29 06:59 - 2018-11-29 06:59 - 000002428 _____ C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-27 15:31 - 2018-11-27 15:31 - 000001339 _____ C:\Users\udrzbaaqp\Desktop\Dodávatelia servisných prác.lnk
2018-11-23 10:44 - 2018-11-23 10:44 - 000001145 _____ C:\Users\udrzbaaqp\Desktop\Šablóny objednávky.lnk
2018-11-20 16:04 - 2018-11-22 19:29 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Prenosový
2018-11-14 06:43 - 2018-11-14 06:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-07 17:08 - 2018-11-07 17:09 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\EPSON New
2018-11-07 16:31 - 2018-12-02 18:20 - 000000945 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51}.job
2018-11-07 16:31 - 2018-11-07 16:31 - 000004158 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51}
2018-11-07 16:27 - 2018-11-07 21:13 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\EPSON
2018-11-07 16:27 - 2018-11-07 16:27 - 000000000 ____D C:\Program Files\EpsonNet
2018-11-07 16:27 - 2018-11-07 16:27 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-11-07 16:26 - 2018-11-07 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-11-07 16:26 - 2018-11-07 16:32 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-11-07 16:24 - 2018-11-07 16:32 - 000000000 ____D C:\Program Files (x86)\epson
2018-11-07 16:24 - 2018-11-07 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-11-07 16:24 - 2016-11-08 12:30 - 000145224 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2018-11-07 16:24 - 2016-10-28 09:53 - 000147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll
2018-11-07 16:23 - 2015-12-08 20:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBRFE.DLL
2018-11-07 16:23 - 2011-03-14 19:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BRFE.DLL
2018-11-07 16:22 - 2018-11-07 21:13 - 000000000 ____D C:\ProgramData\Epson
2018-11-06 21:54 - 2018-11-06 21:54 - 000000017 _____ C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg
2018-11-05 19:01 - 2018-11-05 19:01 - 000002251 _____ C:\Users\Public\Desktop\SupportAssist.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 07:27 - 2018-06-19 13:24 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-03 07:26 - 2016-09-06 06:07 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Archiv pošta
2018-12-03 07:25 - 2018-06-19 17:33 - 000000000 ____D C:\Ečko
2018-12-03 06:57 - 2018-06-19 16:20 - 000004200 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC3DF6E9-697C-4F3B-80E6-65AF9AD0A61B}
2018-12-03 06:57 - 2018-06-19 12:30 - 000000000 ___RD C:\Users\udrzbaaqp\OneDrive
2018-12-03 06:55 - 2018-06-19 12:27 - 000000000 __SHD C:\Users\udrzbaaqp\IntelGraphicsProfiles
2018-12-02 21:53 - 2017-07-07 16:42 - 001296970 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-02 21:48 - 2018-06-19 15:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-02 21:48 - 2017-07-07 16:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-02 21:47 - 2017-03-18 12:40 - 003407872 _____ C:\Windows\system32\config\BBI
2018-12-02 21:44 - 2017-07-07 16:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-12-02 21:30 - 2017-07-08 02:06 - 000000000 ____D C:\Windows\Panther
2018-12-02 21:27 - 2018-06-19 13:24 - 000002327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-02 21:27 - 2017-09-06 12:18 - 000001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-12-02 21:26 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-12-02 21:24 - 2018-06-20 09:43 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Chrome down
2018-12-02 20:53 - 2017-07-07 16:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-12-02 19:58 - 2018-06-19 12:27 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Packages
2018-12-02 19:58 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-02 19:58 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\AppReadiness
2018-12-02 19:22 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2018-12-02 18:25 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-02 18:23 - 2017-09-22 13:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-02 18:19 - 2018-06-19 12:27 - 000000000 ____D C:\Users\udrzbaaqp
2018-12-01 15:51 - 2018-10-20 13:59 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Privat
2018-12-01 15:15 - 2018-06-26 05:24 - 000000000 ____D C:\ProgramData\AMMYY
2018-12-01 09:30 - 2018-10-14 19:40 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Kultúra
2018-11-29 09:22 - 2017-09-06 11:33 - 000000000 ___RD C:\Users\mbajannekk\OneDrive
2018-11-29 09:17 - 2017-09-06 11:26 - 000000000 __SHD C:\Users\mbajannekk\IntelGraphicsProfiles
2018-11-29 09:17 - 2017-07-07 17:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-29 08:38 - 2018-10-21 17:07 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Temp Skeny
2018-11-29 07:03 - 2018-07-04 05:43 - 000001054 _____ C:\Users\udrzbaaqp\Desktop\Ziadanky tu.lnk
2018-11-28 14:37 - 2018-06-19 16:00 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\TeamViewer
2018-11-28 12:05 - 2018-06-19 19:01 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Odkazy VNC z vonku
2018-11-26 19:04 - 2017-09-06 11:31 - 000004238 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-11-25 21:22 - 2018-10-29 17:15 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Excell testy
2018-11-24 15:55 - 2018-10-14 07:30 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\vlc
2018-11-15 10:57 - 2018-07-01 19:03 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Udrzba NB
2018-11-14 17:22 - 2018-06-21 17:27 - 000000296 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-11-12 09:12 - 2018-07-30 19:57 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Zvukové záznamy
2018-11-07 16:32 - 2017-07-07 16:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-06 16:49 - 2017-07-07 16:38 - 000000000 ____D C:\ProgramData\PCDr
2018-11-05 19:01 - 2017-07-07 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-11-05 18:59 - 2017-09-06 11:29 - 000000000 ____D C:\ProgramData\SupportAssist

==================== Files in the root of some directories =======

2018-12-02 21:24 - 2018-12-02 21:24 - 000586240 _____ () C:\Users\udrzbaaqp\AppData\Roaming\AutoHot.exe
2018-07-02 12:54 - 2018-07-02 12:54 - 000024096 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.ADR
2018-07-02 12:49 - 2018-07-02 12:49 - 000008242 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.EML
2018-12-02 21:26 - 2018-12-02 21:26 - 007813632 _____ () C:\Users\udrzbaaqp\AppData\Local\agent.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000278510 _____ () C:\Users\udrzbaaqp\AppData\Local\ApTraxit.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000070896 _____ () C:\Users\udrzbaaqp\AppData\Local\Config.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000016080 _____ () C:\Users\udrzbaaqp\AppData\Local\InstallationConfiguration.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000140800 _____ () C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000018432 _____ () C:\Users\udrzbaaqp\AppData\Local\Main.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000005568 _____ () C:\Users\udrzbaaqp\AppData\Local\md.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000126464 _____ () C:\Users\udrzbaaqp\AppData\Local\noah.dat
2018-11-06 21:54 - 2018-11-06 21:54 - 000000017 _____ () C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg
2018-12-02 21:26 - 2018-12-02 21:27 - 000722944 _____ () C:\Users\udrzbaaqp\AppData\Local\sham.db
2018-12-02 21:26 - 2018-12-02 21:26 - 001995264 _____ (TODO: <Company name>) C:\Users\udrzbaaqp\AppData\Local\Stringlam.exe
2018-12-02 21:26 - 2018-12-02 21:26 - 002025197 _____ () C:\Users\udrzbaaqp\AppData\Local\Stringlam.tst
2018-12-02 21:26 - 2018-12-02 21:26 - 000032038 _____ () C:\Users\udrzbaaqp\AppData\Local\uninstall_temp.ico
2018-12-02 21:26 - 2018-12-02 21:26 - 001895382 _____ () C:\Users\udrzbaaqp\AppData\Local\Voltfax.bin

Some files in TEMP:
====================
2018-12-02 21:24 - 2018-12-02 21:24 - 000466944 _____ () C:\Users\udrzbaaqp\AppData\Local\Temp\1.exe
2018-12-02 21:27 - 2018-12-02 21:27 - 007850088 _____ (Microsoft Corporation) C:\Users\udrzbaaqp\AppData\Local\Temp\BingBarSetup-Partner.exe
2018-12-02 21:25 - 2018-12-02 21:26 - 000375522 _____ ( ) C:\Users\udrzbaaqp\AppData\Local\Temp\qjytrl3gusg.exe
2018-12-02 21:24 - 2018-12-02 21:24 - 002575932 _____ () C:\Users\udrzbaaqp\AppData\Local\Temp\survarium.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-25 13:41

==================== End of FRST.txt ============================
Attachments
Addition.rar
(10.46 KiB) Downloaded 75 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Zihos
Visitor
Posts: 55
Joined: 31 Jan 2018 17:01

Re: Please check my log

#3 Post by Zihos »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-30.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-03-2018
# Duration: 00:00:16
# OS: Windows 10 Pro
# Cleaned: 103
# Failed: 1


***** [ Services ] *****

Deleted CRMSvc
Deleted Nettrans
Deleted backlh

***** [ Folders ] *****

Deleted C:\Windows\System32\config\systemprofile\AppData\Roaming\CRMSvc
Deleted C:\Users\udrzbaaqp\AppData\Roaming\CRMSvc
Deleted C:\ProgramData\Logic Cramble
Deleted C:\Program Files (x86)\FVgedVjzKgFU2
Deleted C:\Program Files (x86)\loreCZYyGIE
Deleted C:\Program Files (x86)\DjpYILTWU
Deleted C:\Program Files (x86)\vevsoISKgkcDC
Deleted C:\Program Files (x86)\bbIORqNasDUn
Deleted C:\Program Files (x86)\VtuYtIvrjzmOrIBvrWR
Deleted C:\Program Files (x86)\Microleaves
Deleted C:\Users\udrzbaaqp\AppData\Roaming\Microleaves
Deleted C:\ProgramData\Voyasollams
Deleted C:\ProgramData\Voyasollam
Deleted C:\Program Files (x86)\Multitimer
Deleted C:\ProgramData\B4805AF4-6847-1
Deleted C:\ProgramData\B4805AF4-53F5-0
Deleted C:\ProgramData\88B6F583-3831-1
Deleted C:\ProgramData\88B6F583-1457-0
Deleted C:\Program Files (x86)\FastDataX
Deleted C:\Users\udrzbaaqp\AppData\Roaming\One System Care
Deleted C:\Program Files (x86)\OneSystemCare
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted C:\ProgramData\PrefsSecure
Deleted C:\Windows\Temp\Smartbar

***** [ Files ] *****

Deleted C:\Users\udrzbaaqp\appdata\local\installationconfiguration.xml
Deleted C:\Users\udrzbaaqp\AppData\Local\Main.dat
Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted C:\Windows\SysWOW64\findit.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\Online Application V2G5.job
Deleted C:\Windows\System32\Tasks\Online Application V2G5
Deleted C:\Windows\Tasks\Online Application V2G4.job
Deleted C:\Windows\System32\Tasks\Online Application V2G4
Deleted C:\Windows\Tasks\Online Application V2G6.job
Deleted C:\Windows\System32\Tasks\Online Application V2G6
Deleted C:\Windows\System32\Tasks\FastDataX Task
Deleted C:\Windows\Tasks\Online Application V2G2.job
Deleted C:\Windows\System32\Tasks\Online Application V2G2
Deleted C:\Windows\Tasks\Online Application V2G3.job
Deleted C:\Windows\System32\Tasks\Online Application V2G3
Deleted C:\Windows\Tasks\Online Application V2G1.job
Deleted C:\Windows\System32\Tasks\Online Application V2G1
Deleted C:\Windows\Tasks\Updater_Online_Application.job
Deleted C:\Windows\System32\Tasks\Updater_Online_Application

***** [ Registry ] *****

Deleted HKLM\Software\CRMSvc
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D105DFE2-8DF6-4BA0-ABF1-392716658963}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\CRMSvc
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\VOYASOLLAM.EXE
Deleted HKCU\Software\mtVoyasollam
Deleted HKLM\Software\Wow6432Node\mtVoyasollam
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8
Deleted HKLM\Software\Wow6432Node\Microleaves
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AADCC93-EF7F-4ADC-AE3E-6E89EAC7FD9C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AADCC93-EF7F-4ADC-AE3E-6E89EAC7FD9C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G5
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2EED00E-DBA7-4AA7-B7E3-19D007FDAFF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2EED00E-DBA7-4AA7-B7E3-19D007FDAFF7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G4
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53240AD1-7E80-4641-92D2-8A4BF12783E3}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53240AD1-7E80-4641-92D2-8A4BF12783E3}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Multitimer
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FastDataX_is1
Deleted HKCU\Software\FastDataX
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E826590-47B2-445D-B77B-8D32CD97062D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E826590-47B2-445D-B77B-8D32CD97062D}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FastDataX Task
Deleted HKLM\Software\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Voyasollam.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E42920DE-875C-4B25-AECF-279E04F5E09A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E42920DE-875C-4B25-AECF-279E04F5E09A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G2
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B7A7600-899A-40F8-BAF3-16CCBEDE1048}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B7A7600-899A-40F8-BAF3-16CCBEDE1048}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G3
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18D74E8A-97FB-43E3-A3C2-5728F0189F9B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18D74E8A-97FB-43E3-A3C2-5728F0189F9B}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Online Application V2G1
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Application Hosting
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes|DefaultScope
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\ielnksrch
Deleted HKCU\Environment|SNP
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101D9C7D-60C6-40BF-9B6A-6A532E5BFAAA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101D9C7D-60C6-40BF-9B6A-6A532E5BFAAA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OneSystemCare_is1
Deleted HKCU\Software\One System Care
Deleted HKCU\Environment|SNF

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com
Deleted file:///C:/ProgramData/Voyasollams/ff.HP


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11178 octets] - [03/12/2018 11:59:22]
AdwCleaner[S01].txt - [11240 octets] - [03/12/2018 12:05:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Post new FRST+Addition logs.

Zihos
Visitor
Posts: 55
Joined: 31 Jan 2018 17:01

Re: Please check my log

#5 Post by Zihos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by udrzbaaqp (administrator) on DESKTOP-POLALO5 (03-12-2018 13:17:40)
Running from C:\Users\udrzbaaqp\Desktop
Loaded Profiles: udrzbaaqp (Available Profiles: udrzbaaqp & admin)
Platform: Windows 10 Pro Version 1703 15063.1292 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHeciSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxEM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\pcdrwi.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2017-03-31] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [960896 2017-03-27] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-18] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23776552 2018-12-02] (Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [9314407] => "C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf\a2vaeht00mx.exe" /VERYSILENT
AppInit_DLLs: C:\ProgramData\Voyasollam\Toughla.dll => No File
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\SpanLab.dll => No File
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.9
Tcpip\..\Interfaces\{e2cb4e83-ff22-4e83-8d4a-7bd8a6a9a3bc}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{f82cf98f-69c3-425b-ae5c-8530af3ed851}: [DhcpNameServer] 192.168.0.9

Internet Explorer:
==================
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjnq25h2LXBEwAMjb1A-onGvtD167c5Zv4gB7tECgD0_l9MDuaMz2Ehu-AO6AP-eG7OcIlltTt2B18yQxyr1Ublike9
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {5ECD7986-C300-4472-9D65-3E0E98EC1172} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation)

FireFox:
========
FF Extension: (Adblocker na Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-02] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-12-03] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default [2018-12-03]
CHR Extension: (Slides) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-03]
CHR Extension: (Docs) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-03]
CHR Extension: (Google Drive) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-03]
CHR Extension: (YouTube) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-03]
CHR Extension: (Adblock Plus) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (Sheets) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-03]
CHR Extension: (Save to Facebook) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2018-12-03]
CHR Extension: (Bazz Search SafeFinder) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmeinlfojlcegblpogpjbhipmonclejh [2018-12-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-03]
CHR Extension: (TeamViewer) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-12-03]
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-03]
CHR Extension: (Gmail) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-03]
CHR Extension: (Chrome Media Router) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-03]
CHR Extension: (Stopwatch / Timer / Alarm) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2018-12-03]
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-12-02]
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-11-20] (Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-10-22] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3347440 2018-10-22] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-10-22] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe [1002816 2018-11-05] (PC-Doctor, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [43208 2015-11-27] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1612000 2015-11-27] (ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe [185032 2015-11-27] (ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-08-18] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-08-18] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [183560 2016-10-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-03-31] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-08] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38872 2018-10-25] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [415112 2017-03-27] (Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-19] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-19] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BE2B905D-8940-4584-B996-F7A9B96E8F1E}

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [281608 2016-10-20] (Alps Electric Co., Ltd.)
S3 cpuz140; C:\Users\udrzbaaqp\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [43840 2018-12-02] (CPUID) <==== ATTENTION
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [36400 2018-10-20] (Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation)
R3 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-11-11] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-11-11] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [205288 2015-11-11] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-11] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69328 2015-11-11] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [70664 2017-08-18] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [733448 2016-10-06] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-12-03] (Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation)
R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8751632 2018-04-04] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [864704 2017-10-31] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-13] (STMicroelectronics)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-06-19] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313384 2018-06-19] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 13:17 - 2018-12-03 13:17 - 000019972 _____ C:\Users\udrzbaaqp\Desktop\FRST.txt
2018-12-03 12:09 - 2018-12-03 12:09 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2018-12-03 12:00 - 2018-12-03 12:00 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-03 11:54 - 2018-12-03 12:06 - 000000000 ____D C:\AdwCleaner
2018-12-03 11:16 - 2018-12-03 11:16 - 000000000 ___HD C:\OneDriveTemp
2018-12-03 09:32 - 2018-12-03 09:32 - 000051852 __RSH C:\ProgramData\ntuser.pol
2018-12-03 09:26 - 2018-12-03 11:12 - 000000000 ____D C:\Program Files\Common Files\AV
2018-12-03 09:26 - 2018-12-03 09:26 - 000003392 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2018-12-03 09:22 - 2018-12-03 09:23 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-12-03 08:58 - 2018-12-03 08:58 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-03 08:58 - 2018-12-03 08:58 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-03 08:55 - 2018-12-03 09:22 - 000003456 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-03 08:55 - 2018-12-03 09:22 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-03 07:35 - 2018-12-03 13:17 - 000000000 ____D C:\FRST
2018-12-03 07:34 - 2018-12-03 07:34 - 002417152 _____ (Farbar) C:\Users\udrzbaaqp\Desktop\FRST64.exe
2018-12-02 21:55 - 2018-12-02 21:55 - 000000000 ___HD C:\$SysReset
2018-12-02 21:44 - 2017-12-08 23:25 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-12-02 21:44 - 2017-12-08 23:25 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-12-02 21:44 - 2017-12-08 23:24 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
2018-12-02 21:44 - 2017-12-08 23:24 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
2018-12-02 21:30 - 2018-12-02 21:30 - 000398648 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-02 21:28 - 2018-12-02 21:28 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Mozilla
2018-12-02 21:27 - 2018-12-02 21:32 - 000000000 ____D C:\ProgramData\pUIfuUUTjzrUMTVB
2018-12-02 21:27 - 2018-12-02 21:27 - 000003044 _____ C:\Windows\System32\Tasks\ClwhhsndxrpfQ2
2018-12-02 21:27 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2018-12-02 21:27 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-12-02 21:27 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2018-12-02 21:27 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-12-02 21:27 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-12-02 21:27 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-12-02 21:27 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-12-02 21:27 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-12-02 21:27 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-12-02 21:27 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-12-02 21:27 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-12-02 21:27 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-12-02 21:27 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-12-02 21:27 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-12-02 21:27 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-12-02 21:27 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-12-02 21:27 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-12-02 21:27 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-12-02 21:27 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-12-02 21:27 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-12-02 21:27 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-12-02 21:27 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-12-02 21:27 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-12-02 21:27 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-12-02 21:27 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-12-02 21:27 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-12-02 21:27 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-12-02 21:27 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-12-02 21:27 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-12-02 21:27 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-12-02 21:27 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-12-02 21:27 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-12-02 21:27 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-12-02 21:27 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-12-02 21:27 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-12-02 21:27 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-12-02 21:27 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-12-02 21:27 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-12-02 21:27 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-12-02 21:27 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-12-02 21:27 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-12-02 21:27 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-12-02 21:27 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-12-02 21:27 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-12-02 21:27 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2018-12-02 21:27 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2018-12-02 21:27 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-12-02 21:27 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-12-02 21:27 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-12-02 21:27 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-12-02 21:27 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-12-02 21:27 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-12-02 21:27 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-12-02 21:27 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-12-02 21:27 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-12-02 21:27 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-12-02 21:27 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-12-02 21:27 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-12-02 21:27 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-12-02 21:27 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-12-02 21:27 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-12-02 21:27 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-12-02 21:27 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-12-02 21:27 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-12-02 21:26 - 2018-12-03 07:43 - 000000000 ____D C:\Program Files\GWIQ5IDGYT
2018-12-02 21:26 - 2018-12-02 21:29 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf
2018-12-02 21:26 - 2018-12-02 21:27 - 000722944 _____ C:\Users\udrzbaaqp\AppData\Local\sham.db
2018-12-02 21:26 - 2018-12-02 21:26 - 007813632 _____ C:\Users\udrzbaaqp\AppData\Local\agent.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 002025197 _____ C:\Users\udrzbaaqp\AppData\Local\Stringlam.tst
2018-12-02 21:26 - 2018-12-02 21:26 - 001895382 _____ C:\Users\udrzbaaqp\AppData\Local\Voltfax.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000278510 _____ C:\Users\udrzbaaqp\AppData\Local\ApTraxit.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000140800 _____ C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000126464 _____ C:\Users\udrzbaaqp\AppData\Local\noah.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000070896 _____ C:\Users\udrzbaaqp\AppData\Local\Config.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000005568 _____ C:\Users\udrzbaaqp\AppData\Local\md.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\ProgramData\b199a7fe-d3aa-4ff9-9d61-b5dd5debd99d
2018-12-02 21:26 - 2018-12-02 21:26 - 000000000 ____D C:\Program Files (x86)\bubans
2018-12-02 21:26 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-12-02 21:26 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-12-02 21:26 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-12-02 21:26 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-12-02 21:26 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-12-02 21:26 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-12-02 21:26 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-12-02 21:26 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-12-02 21:26 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-12-02 21:26 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-12-02 21:26 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-12-02 21:26 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-12-02 21:26 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-12-02 21:26 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-12-02 21:26 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-12-02 21:26 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-12-02 21:26 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-12-02 21:26 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-12-02 21:25 - 2018-12-02 21:30 - 000000000 ____D C:\Program Files (x86)\Action
2018-12-02 21:25 - 2018-12-02 21:25 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\AdvinstAnalytics
2018-12-02 21:24 - 2018-12-02 21:29 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\William
2018-12-02 21:24 - 2018-12-02 21:27 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-12-02 21:24 - 2018-12-02 21:26 - 000000000 ___HD C:\Windows\msdownld.tmp
2018-12-02 20:13 - 2018-12-02 21:36 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Easeware
2018-12-02 18:24 - 2018-12-02 18:24 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-12-02 18:24 - 2018-12-02 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2018-11-29 09:22 - 2018-11-29 09:22 - 000003368 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1142325245-130890802-2529674674-1367
2018-11-29 09:22 - 2018-11-29 09:22 - 000002431 _____ C:\Users\mbajannekk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-29 09:21 - 2017-08-28 14:21 - 000160768 _____ (KONICA MINOLTA, INC.) C:\Windows\KOBDrvAPIW64.EXE
2018-11-29 09:21 - 2017-08-28 14:21 - 000112120 _____ (KONICA MINOLTA, INC.) C:\Windows\system32\KOBDrvAPIIF.DLL
2018-11-29 09:21 - 2017-08-28 14:21 - 000104440 _____ (KONICA MINOLTA, INC.) C:\Windows\SysWOW64\KOBDrvAPIIF.DLL
2018-11-29 09:19 - 2018-11-29 09:19 - 000000000 ____D C:\Users\mbajannekk\Desktop\PCL6
2018-11-29 09:19 - 2017-08-28 14:20 - 000025600 _____ (KONICA MINOLTA, INC.) C:\Windows\system32\KOAXWJ_L.DLL
2018-11-29 09:18 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Roaming\Epson
2018-11-29 09:18 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\__SHARED
2018-11-29 09:17 - 2018-11-29 09:18 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\Intel
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\mbamtray
2018-11-29 09:17 - 2018-11-29 09:17 - 000000000 ____D C:\Users\mbajannekk\AppData\Local\Google
2018-11-29 06:59 - 2018-11-29 06:59 - 000003366 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1142325245-130890802-2529674674-2207
2018-11-29 06:59 - 2018-11-29 06:59 - 000002428 _____ C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-27 15:31 - 2018-11-27 15:31 - 000001339 _____ C:\Users\udrzbaaqp\Desktop\Dodávatelia servisných prác.lnk
2018-11-23 10:44 - 2018-11-23 10:44 - 000001145 _____ C:\Users\udrzbaaqp\Desktop\Šablóny objednávky.lnk
2018-11-20 16:04 - 2018-11-22 19:29 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Prenosový
2018-11-14 06:43 - 2018-11-14 06:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-07 17:08 - 2018-11-07 17:09 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\EPSON New
2018-11-07 16:31 - 2018-12-02 18:20 - 000000945 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51}.job
2018-11-07 16:31 - 2018-11-07 16:31 - 000004158 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51}
2018-11-07 16:27 - 2018-11-07 21:13 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\EPSON
2018-11-07 16:27 - 2018-11-07 16:27 - 000000000 ____D C:\Program Files\EpsonNet
2018-11-07 16:27 - 2018-11-07 16:27 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-11-07 16:26 - 2018-11-07 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-11-07 16:26 - 2018-11-07 16:32 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-11-07 16:24 - 2018-11-07 16:32 - 000000000 ____D C:\Program Files (x86)\epson
2018-11-07 16:24 - 2018-11-07 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-11-07 16:24 - 2016-11-08 12:30 - 000145224 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc64.exe
2018-11-07 16:24 - 2016-10-28 09:53 - 000147472 _____ (TWAIN Working Group) C:\Windows\SysWOW64\twaindsm.dll
2018-11-07 16:23 - 2015-12-08 20:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBRFE.DLL
2018-11-07 16:23 - 2011-03-14 19:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BRFE.DLL
2018-11-07 16:22 - 2018-11-07 21:13 - 000000000 ____D C:\ProgramData\Epson
2018-11-06 21:54 - 2018-11-06 21:54 - 000000017 _____ C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg
2018-11-05 19:01 - 2018-11-05 19:01 - 000002251 _____ C:\Users\Public\Desktop\SupportAssist.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 13:16 - 2018-07-01 19:03 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Udrzba NB
2018-12-03 13:15 - 2018-06-20 09:43 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Chrome down
2018-12-03 13:14 - 2018-06-19 16:20 - 000004200 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC3DF6E9-697C-4F3B-80E6-65AF9AD0A61B}
2018-12-03 13:05 - 2017-07-07 16:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-12-03 12:15 - 2017-07-07 16:42 - 001341338 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-03 12:10 - 2018-06-19 12:30 - 000000000 ___RD C:\Users\udrzbaaqp\OneDrive
2018-12-03 12:09 - 2018-06-19 12:27 - 000000000 __SHD C:\Users\udrzbaaqp\IntelGraphicsProfiles
2018-12-03 12:08 - 2018-06-19 15:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-03 12:08 - 2017-07-07 16:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-03 12:07 - 2017-03-18 12:40 - 003407872 _____ C:\Windows\system32\config\BBI
2018-12-03 12:06 - 2017-09-06 12:18 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-12-03 11:19 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\AppReadiness
2018-12-03 11:13 - 2017-03-18 22:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2018-12-03 11:12 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2018-12-03 11:12 - 2017-03-18 12:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-12-03 08:57 - 2018-06-19 13:24 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-03 07:26 - 2016-09-06 06:07 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Archiv pošta
2018-12-03 07:25 - 2018-06-19 17:33 - 000000000 ____D C:\Ečko
2018-12-02 21:44 - 2017-07-07 16:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-12-02 21:30 - 2017-07-08 02:06 - 000000000 ____D C:\Windows\Panther
2018-12-02 21:26 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\GroupPolicy
2018-12-02 19:58 - 2018-06-19 12:27 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Packages
2018-12-02 19:58 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-02 18:25 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-02 18:23 - 2017-09-22 13:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-12-02 18:19 - 2018-06-19 12:27 - 000000000 ____D C:\Users\udrzbaaqp
2018-12-01 15:51 - 2018-10-20 13:59 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Privat
2018-12-01 15:15 - 2018-06-26 05:24 - 000000000 ____D C:\ProgramData\AMMYY
2018-12-01 09:30 - 2018-10-14 19:40 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Kultúra
2018-11-29 09:22 - 2017-09-06 11:33 - 000000000 ___RD C:\Users\mbajannekk\OneDrive
2018-11-29 09:17 - 2017-09-06 11:26 - 000000000 __SHD C:\Users\mbajannekk\IntelGraphicsProfiles
2018-11-29 09:17 - 2017-07-07 17:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-29 08:38 - 2018-10-21 17:07 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Temp Skeny
2018-11-29 07:03 - 2018-07-04 05:43 - 000001054 _____ C:\Users\udrzbaaqp\Desktop\Ziadanky tu.lnk
2018-11-28 14:37 - 2018-06-19 16:00 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\TeamViewer
2018-11-28 12:05 - 2018-06-19 19:01 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Odkazy VNC z vonku
2018-11-26 19:04 - 2017-09-06 11:31 - 000004238 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-11-25 21:22 - 2018-10-29 17:15 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Excell testy
2018-11-24 15:55 - 2018-10-14 07:30 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\vlc
2018-11-14 17:22 - 2018-06-21 17:27 - 000000296 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-11-12 09:12 - 2018-07-30 19:57 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Zvukové záznamy
2018-11-07 16:32 - 2017-07-07 16:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-11-06 16:49 - 2017-07-07 16:38 - 000000000 ____D C:\ProgramData\PCDr
2018-11-05 19:01 - 2017-07-07 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-11-05 18:59 - 2017-09-06 11:29 - 000000000 ____D C:\ProgramData\SupportAssist

==================== Files in the root of some directories =======

2018-07-02 12:54 - 2018-07-02 12:54 - 000024096 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.ADR
2018-07-02 12:49 - 2018-07-02 12:49 - 000008242 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.EML
2018-12-02 21:26 - 2018-12-02 21:26 - 007813632 _____ () C:\Users\udrzbaaqp\AppData\Local\agent.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000278510 _____ () C:\Users\udrzbaaqp\AppData\Local\ApTraxit.bin
2018-12-02 21:26 - 2018-12-02 21:26 - 000070896 _____ () C:\Users\udrzbaaqp\AppData\Local\Config.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000140800 _____ () C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-12-02 21:26 - 2018-12-02 21:26 - 000005568 _____ () C:\Users\udrzbaaqp\AppData\Local\md.xml
2018-12-02 21:26 - 2018-12-02 21:26 - 000126464 _____ () C:\Users\udrzbaaqp\AppData\Local\noah.dat
2018-11-06 21:54 - 2018-11-06 21:54 - 000000017 _____ () C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg
2018-12-02 21:26 - 2018-12-02 21:27 - 000722944 _____ () C:\Users\udrzbaaqp\AppData\Local\sham.db
2018-12-02 21:26 - 2018-12-02 21:26 - 002025197 _____ () C:\Users\udrzbaaqp\AppData\Local\Stringlam.tst
2018-12-02 21:26 - 2018-12-02 21:26 - 000032038 _____ () C:\Users\udrzbaaqp\AppData\Local\uninstall_temp.ico
2018-12-02 21:26 - 2018-12-02 21:26 - 001895382 _____ () C:\Users\udrzbaaqp\AppData\Local\Voltfax.bin

Some files in TEMP:
====================
2018-12-02 21:27 - 2018-12-02 21:27 - 007850088 _____ (Microsoft Corporation) C:\Users\udrzbaaqp\AppData\Local\Temp\BingBarSetup-Partner.exe
2018-12-02 21:25 - 2018-12-02 21:26 - 000375522 _____ ( ) C:\Users\udrzbaaqp\AppData\Local\Temp\qjytrl3gusg.exe
2018-12-02 21:24 - 2018-12-02 21:24 - 002575932 _____ () C:\Users\udrzbaaqp\AppData\Local\Temp\survarium.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-25 13:41

==================== End of FRST.txt ============================

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#6 Post by Zihos »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by udrzbaaqp (03-12-2018 13:18:14)
Running from C:\Users\udrzbaaqp\Desktop
Windows 10 Pro Version 1703 15063.1292 (X64) (2017-07-30 23:07:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3488352295-3265554142-2068840992-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3488352295-3265554142-2068840992-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3488352295-3265554142-2068840992-503 - Limited - Disabled)
Guest (S-1-5-21-3488352295-3265554142-2068840992-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM-x32\...\{AA5C80E7-8876-4026-A0D0-582D8EFBA2E1}) (Version: 4.4.7.2307 - Open Media LLC)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.54.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
bubans 1.00 (HKLM-x32\...\bubans 1.00) (Version: 1.00 - bubans)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{5A18ABE3-52D1-4CA5-9169-25EC7E789582}) (Version: 3.0.2.48 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Endpoint Security (HKLM\...\{900372AF-5CB7-40EA-A564-84420E4BB5ED}) (Version: 6.3.2016.1 - ESET, spol. s r.o.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.5.1025 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes verzia 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9134.0 - Waves Audio Ltd.) Hidden
Microsoft Office 365 Business - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.11029.20079 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 55.0.3 (x64 sk)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Odinštalovať tlačiareň EPSON XP-243 245 247 Series (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11029.20079 - Microsoft Corporation) Hidden
PDF24 Creator 8.4.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
SafeFinder (HKLM-x32\...\{86EE3750-FD60-4FB3-AC5E-D39D2BA02EA3}) (Version: 1.0.0.0 - Linkury) <==== ATTENTION
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.2.1 - uvnc bvba)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxDTCM.dll [2018-03-09] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1142325245-130890802-2529674674-2207: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2679A9A8-AA91-49B8-BAB5-27F966B111AF} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {3EAB8EB2-3643-4622-A352-BBAE99DE029F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4D3E1E38-B910-4BA2-B448-0C199B5FD7C3} - System32\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {51BC0B4A-80FC-4999-80F1-43CF02AC0894} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {56F6A28E-CBB9-4922-84CD-58EDEB1EDEDD} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-12-02] (Microsoft Corporation)
Task: {786886CA-F36F-4074-9287-BE8B98C2563B} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2018-12-03] (AO Kaspersky Lab)
Task: {7D927625-A29E-4946-BC26-204E08DCE3D7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-15] (Microsoft Corporation)
Task: {93F0ABB1-BD44-4F90-A3C4-EF2806AA2B7C} - System32\Tasks\ClwhhsndxrpfQ2 => C:\Windows\system32\wscript.exe "C:\ProgramData\pUIfuUUTjzrUMTVB\WxdobQm.wsf"
Task: {A80B433F-A2C7-4D63-BF52-B9FC20BAAC2C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {AD23F25C-318E-41FB-A1D7-B798E8BFE126} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-02] (Microsoft Corporation)
Task: {C4D6D33F-F67F-4776-AD8A-68477376D1EA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-04-18] (PC-Doctor, Inc.)
Task: {C50D5CBB-F21C-417B-A719-D73E3CFDF53F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {D26919EA-DB11-40C9-9E27-A50EA3EBF2CE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-10-25] (Dell Inc.)
Task: {DAFFB47F-9CA7-49AA-9929-E81F2A14466B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {EB51A5F7-CBA6-43F5-BCF3-150A60405797} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-02] (Microsoft Corporation)
Task: {ED94EEE7-ECFC-46D0-936C-410209A7A26B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-12-02] (Microsoft Corporation)
Task: {EE9467AA-A45C-4240-A533-8782C3F9976F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)
Task: {F0A9A271-88EC-41D2-9218-C8337A57A783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
Task: {F2CFC217-32F3-4975-AC31-2ACC938F8FA3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-12-02] (Microsoft Corporation)
Task: {F4BB4627-0165-4984-9968-51E295C22C39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
Task: {FB80F54B-77F2-4BBD-822A-28B59B55CF50} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {EC167C7D-6361-4194-84F4-961F6DBE4D51}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{EC167C7D-6361-4194-84F4-961F6DBE4D51} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"DellCommandPowerManagerPolicyChangeEventConsumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"DellCommandPowerManagerPolicyChangeEventFilter\":
WMI:subscription\__EventFilter->DellCommandPowerManagerPolicyChangeEventFilter:
WMI:subscription\ActiveScriptEventConsumer->DellCommandPowerManagerPolicyChangeEventConsumer:

ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo

==================== Loaded Modules (Whitelisted) ==============

2018-06-19 18:59 - 2014-11-02 17:45 - 000029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-09-04 06:10 - 2018-08-01 00:04 - 001730560 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-17 14:18 - 2018-07-17 14:18 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 14:18 - 2018-07-17 14:18 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 14:18 - 2018-07-17 14:18 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 14:18 - 2018-07-17 14:18 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\skypert.dll
2018-11-05 19:02 - 2018-11-05 19:02 - 002587976 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\libprotobuf.dll
2016-12-19 08:38 - 2016-12-19 08:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\sharepoint.com -> hxxps://slktt-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Control Panel\Desktop\\Wallpaper -> C:\Users\udrzbaaqp\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 192.168.0.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "9314407"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BAD948BA-1D68-430B-9424-D006D085FBFB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F1C1EEC0-2F8B-43E6-97D8-1596B794EF75}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F8CDA4C7-AF7D-425C-9515-D687080F23BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{30BE1758-A079-4A9A-8DFC-DBB7E57BDBA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{E8A9D832-4A9E-4C0F-99BA-4917C551B39B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
FirewallRules: [{5FD1CF25-5543-437E-BE0E-6D1173AF9FD7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
FirewallRules: [{F5D6FE8A-60C4-4C28-89FD-664184F49B45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9C2C066F-7E5E-4611-BCA9-F94E477F481C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{23982594-A78D-40CD-87BE-8131B0C967A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ECDD527B-B7FE-40E8-A3EA-8BC2C94F9AD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CC887762-EEB9-4C36-A0E5-2156B1AC8B19}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5EAD8A59-87F9-4003-8086-29DE04CBB59D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{69E63F83-86B4-4C21-83A0-54C3D2E691BC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D0E77765-E45A-4867-A706-51157BDC3CF4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{67B61AB5-169D-4D0A-B580-6F3CC9F08235}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BA7A28D9-390F-404F-A4A4-9374E71DA592}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4CA55C6C-34EF-43DC-9E21-F23231DF420F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3D95CFAA-7735-4FB9-951C-4707CD45B861}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3924BC8B-8F96-4D84-9639-0DBA78264FB1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{5A3CB768-233C-4AC2-B650-D4DB37340CAB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{21B46039-E302-409B-87A8-133F1C7E92C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

14-11-2018 17:19:29 SupportAssist_1287f50a-9925-4ae7-abad-f8d9ede8f249
27-11-2018 07:12:44 Scheduled Checkpoint
02-12-2018 20:58:32 SupportAssist_1d9bbb5d-8ccc-4894-944c-9299998ba93d

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2018 12:49:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THERME)
Description: Aktivácia aplikácie Microsoft.Windows.Photos_8wekyb3d8bbwe!App zlyhala pre chybu: -2147023170 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (12/03/2018 08:54:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc00000fd
Odstup chyby: 0x0000000000003c3b
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 1154cd0c-e382-4787-90a1-1c55041af80a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 9aaa8c32-d190-46ba-86bf-152ef7309512
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 030afe86-280b-47b5-ba05-0c4636da88ea
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 1dd1d053-9a57-48ee-acff-f809c237d69c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: cebee39a-07ae-4ea8-8588-696e905da12d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 00481078-c54a-4a5e-963c-ea982a9247d9
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/03/2018 08:54:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 70.0.3538.110, časová značka: 0x5becfd50
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.1266, časová značka: 0x8ae31eb5
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bcbb
Identifikácia chybujúceho procesu: 0x2b00
Čas spustenia chybujúcej aplikácie: 0x01d48add2fb1f023
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta chybujúceho modulu: C:\Windows\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0e8988ae-b1dc-41ad-bce7-f7d157ce85f8
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (12/03/2018 12:50:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (12/03/2018 12:09:14 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: THERME)
Description: Spracovanie skupinovej politiky zlyhalo. Systému Windows sa nepodarilo určiť, či kontá používateľa a počítača patria do rovnakého lesa. Skontrolujte, či sa názov domény používateľa zhoduje s názvom dôveryhodnej domény, ktorá sa nachádza v rovnakom lese ako konto počítača.

Error: (12/03/2018 12:08:43 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (12/03/2018 12:08:43 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (12/03/2018 12:08:43 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (12/03/2018 12:08:43 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (12/03/2018 12:08:41 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (12/03/2018 12:08:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.


Windows Defender:
===================================
Date: 2017-09-22 14:07:51.405
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7EB06A5A-9083-44BD-8140-D43ACCBA8C69}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2018-07-01 19:38:59.673
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-19 12:11:29.483
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-19 12:11:29.475
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 31%
Total physical RAM: 8054.1 MB
Available physical RAM: 5520.77 MB
Total Virtual: 9334.1 MB
Available Virtual: 6378.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.43 GB) (Free:723.18 GB) NTFS
Drive d: (PAMATOVKA) (Removable) (Total:1.83 GB) (Free:1.54 GB) FAT

\\?\Volume{e89665cc-5f74-4828-aa06-4e871948ff31}\ (WINRETOOLS) (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E0EAED6D)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#7 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-10
69-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {93F0ABB1-BD44-4F90-A3C4-EF2806AA2B7C} - System32\Tasks\ClwhhsndxrpfQ2 => C:\Windows\system32\wscript.exe "C:\ProgramData\pUIfuUUTjzrUMTVB\WxdobQm.wsf"
C:\ProgramData\pUIfuUUT
Task: {F0A9A271-88EC-41D2-9218-C8337A57A783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
Task: {F4BB4627-0165-4984-9968-51E295C22C39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [9314407] => "C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf\a2vaeht00mx.exe" /VERYSILENT
AppInit_DLLs: C:\ProgramData\Voyasollam\Toughla.dll => No File
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\SpanLab.dll => No File
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... ZNRfnmI&q={searchTerms}
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... yr1Ublike9
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {5ECD7986-C300-4472-9D65-3E0E98EC1172} URL =
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-03]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\pUIfuUUTjzrUMTVB
C:\Windows\System32\Tasks\ClwhhsndxrpfQ2
C:\Program Files\GWIQ5IDGYT
C:\Windows\msdownld.tmp
C:\Users\udrzbaaqp\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log appears; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#8 Post by Zihos »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by udrzbaaqp (03-12-2018 17:29:10) Run:1
Running from C:\Users\udrzbaaqp\Desktop
Loaded Profiles: udrzbaaqp (Available Profiles: udrzbaaqp & admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-10
69-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {93F0ABB1-BD44-4F90-A3C4-EF2806AA2B7C} - System32\Tasks\ClwhhsndxrpfQ2 => C:\Windows\system32\wscript.exe "C:\ProgramData\pUIfuUUTjzrUMTVB\WxdobQm.wsf"
C:\ProgramData\pUIfuUUT
Task: {F0A9A271-88EC-41D2-9218-C8337A57A783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
Task: {F4BB4627-0165-4984-9968-51E295C22C39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-03] (Google Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [9314407] => "C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf\a2vaeht00mx.exe" /VERYSILENT
AppInit_DLLs: C:\ProgramData\Voyasollam\Toughla.dll => No File
AppInit_DLLs-x32: C:\ProgramData\Voyasollam\SpanLab.dll => No File
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%7 ... ZNRfnmI&q={searchTerms}
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72 ... yr1Ublike9
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {5ECD7986-C300-4472-9D65-3E0E98EC1172} URL =
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-03]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\pUIfuUUTjzrUMTVB
C:\Windows\System32\Tasks\ClwhhsndxrpfQ2
C:\Program Files\GWIQ5IDGYT
C:\Windows\msdownld.tmp
C:\Users\udrzbaaqp\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-10 => not found
HKLM\Software\Classes\CLSID\ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-10 => not found
69-A2E4-08002B30309D} => -> No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{93F0ABB1-BD44-4F90-A3C4-EF2806AA2B7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93F0ABB1-BD44-4F90-A3C4-EF2806AA2B7C}" => removed successfully
C:\Windows\System32\Tasks\ClwhhsndxrpfQ2 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ClwhhsndxrpfQ2" => removed successfully
"C:\ProgramData\pUIfuUUT" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F0A9A271-88EC-41D2-9218-C8337A57A783}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0A9A271-88EC-41D2-9218-C8337A57A783}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4BB4627-0165-4984-9968-51E295C22C39}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4BB4627-0165-4984-9968-51E295C22C39}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Windows\CurrentVersion\Run\\9314407" => removed successfully
"C:\ProgramData\Voyasollam\Toughla.dll" => Value data removed successfully
"C:\ProgramData\Voyasollam\SpanLab.dll" => Value data removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\udrzbaaqp\AppData\Roaming\p2i1i2mmodf => moved successfully
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5ECD7986-C300-4472-9D65-3E0E98EC1172} => removed successfully
HKLM\Software\Classes\CLSID\{5ECD7986-C300-4472-9D65-3E0E98EC1172} => not found
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-03] => Error: No automatic fix found for this entry.
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\ProgramData\pUIfuUUTjzrUMTVB => moved successfully
"C:\Windows\System32\Tasks\ClwhhsndxrpfQ2" => not found
C:\Program Files\GWIQ5IDGYT => moved successfully
C:\Windows\msdownld.tmp => moved successfully
C:\Users\udrzbaaqp\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 486230374 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1090362 B
Edge => 29133795 B
Chrome => 338272437 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 47386 B
NetworkService => 28512 B
mbajannekk => 130397345 B
Udrzba => 0 B
udrzbaaqp => 77318351 B
admin => 65543351 B

RecycleBin => 296400582 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:30:42 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#9 Post by Rudy »

Deleted, the log should now be OK.

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#10 Post by Zihos »

Malware Adware, but it still found a PUP, see the log


# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-30.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-03-2018
# Duration: 00:00:16
# OS: Windows 10 Pro
# Scanned: 32290
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Optional.Legacy suggestqueries.google.com


AdwCleaner[S00].txt - [11178 octets] - [03/12/2018 11:59:22]
AdwCleaner[S01].txt - [11240 octets] - [03/12/2018 12:05:45]
AdwCleaner[C01].txt - [9541 octets] - [03/12/2018 12:07:04]
AdwCleaner[S02].txt - [1459 octets] - [03/12/2018 14:48:05]
AdwCleaner[S03].txt - [1520 octets] - [03/12/2018 17:42:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#11 Post by Zihos »

After cleaning and a restart

Not Deleted suggestqueries.google.com


I think this will cause problems. More in the log:



# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-30.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-03-2018
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11178 octets] - [03/12/2018 11:59:22]
AdwCleaner[S01].txt - [11240 octets] - [03/12/2018 12:05:45]
AdwCleaner[C01].txt - [9541 octets] - [03/12/2018 12:07:04]
AdwCleaner[S02].txt - [1459 octets] - [03/12/2018 14:48:05]
AdwCleaner[S03].txt - [1520 octets] - [03/12/2018 17:42:29]
AdwCleaner[S04].txt - [1581 octets] - [03/12/2018 18:58:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#12 Post by Rudy »

Let's try a different approach. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator
Paste the script below into the window



autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... [oz]=8.1.0
• Save it, preferably to the desktop
• After it starts, the license terms are displayed; press any key
• A backup is created, followed by a scan
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste that log here.

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#13 Post by Zihos »

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by udrzbaaqp on ut 04. 12. 2018 at 7:40:43,50.
Microsoft Windows 10 Pro 10.0.15063 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\udrzbaaqp\Desktop\zoek.exe [Scan current user] [Script inserted]

==== Older Logs ======================

C:\zoek-results2018-12-04-061818.log 4146 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\udrzbaaqp\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\Windows\Installer\9c7acfd.msi" not found

==== Chromium Look ======================

Google Chrome Version: 70.0.3538.110


Save to Facebook - udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd
Chrome Media Router - udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Search Bar"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
"SearchAssistant"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGapxjgzcmq9_vvR8UZk_4ddjKK2N2aEXcAdmsa1yFBrY-rLEg6RUxEsmiSWNc6-LSjjrqIJzVUnZFLtgf2MvFQg81Y-GLtUnV50J3jogY8kVYV0cUaKzVWwPEgTMq9RDZovzSqMpTAVm6TLoD4XyGZNRfnmI&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{5ECD7986-C300-4472-9D65-3E0E98EC1172}"
HKLM\SearchScopes\{5ECD7986-C300-4472-9D65-3E0E98EC1172} - http://www.bing.com/search?q={searchTer ... TR&pc=DCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{5ECD7986-C300-4472-9D65-3E0E98EC1172} - http://www.bing.com/search?q={searchTer ... TR&pc=DCTE
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data-journal was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9BC3A069244A7C4AA7977CCF41E6017 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F9BC3A069244A7C4AA7977CCF41E6017 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\udrzbaaqp\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\udrzbaaqp\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=33 folders=58 89577671 bytes)

==== Empty Temp Folders ======================

C:\Users\udrzbaaqp\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\UDRZBA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ut 04. 12. 2018 at 8:01:49,16 ======================

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#14 Post by Zihos »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by udrzbaaqp (Administrator) on ut 04. 12. 2018 at 8:08:30,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\ammyy (Folder)
Successfully deleted: C:\Windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\Windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 04. 12. 2018 at 8:13:42,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zihos
Visitor
Posts: 55
Registered: 31 Jan 2018 17:01

Re: Please check my log

#15 Post by Zihos »

http://leteckaposta.cz/253971978

It still finds this...

After a restart, Chrome forces a search engine other than Google on me, and when I disabled it, it disappeared from the list of search engines entirely, as if it had hidden itself...
