Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosba o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Prosba o kontrolu logu

#1 Příspěvek od Gaganusin »

Dobrý den,

chtěl bych vás poprosit o kontrolu. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05.2019
Ran by Saman (administrator) on SAMAN (Dell Inc. Inspiron 13-5378) (06-05-2019 21:32:44)
Running from C:\Users\Saman\Desktop
Loaded Profiles: defaultuser0 & Saman & Účetní (Available Profiles: defaultuser0 & Saman & Účetní)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\Update\DellUpdate.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Saman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> DELL) C:\Config.Msi\27a1e5.rbf
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Wistron Corporation -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3893296 2016-05-17] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2246825409-3283599149-145179475-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [WhatsApp] => C:\Users\Saman\AppData\Local\WhatsApp\Update.exe [2200336 2018-03-15] (WhatsApp, Inc. -> ) [File not signed]
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1216416 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540416 2019-04-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-26] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [294912 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0890C725-05C0-4E1B-B74D-F9F1936814C1} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-hodbod@fokus-mb.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {13EE6629-58DA-44E0-A660-6EA5C266B094} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {14F09D25-B5D7-4346-98C3-3793CBE53CC0} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {229758EA-6F20-4AA9-9493-1117C46EC94C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {275934EE-020E-4E79-A9BB-E40706C2380A} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {2B03D304-C67C-49C7-8950-5A0007B92EEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {2B20BBCF-D7E4-4A35-9B6D-94F171EAFC56} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {2D98E18F-2A89-45F2-AA6C-E44782C571A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {328D09C0-19D1-47CA-BE7A-88B95817D6E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5E80F75A-74CC-4915-9749-400A6A511300} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {696A6185-AF28-4CEF-84E2-356E51C43645} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {89E000FA-A7D0-48A1-A25B-DBFCA29F7CD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {983F213B-BE12-47F4-AF6F-9BAD135E342F} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [33984 2019-03-07] (Rivet Networks LLC -> DELL)
Task: {9A69A0A7-EF95-40AE-B313-ED731580EAED} - System32\Tasks\Adobe Acrobat Update Task
Task: {9AC1CA44-D655-4F13-ABD1-B4137AACF9ED} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {9B3DA079-E2FD-4534-A4BE-47C0558A9771} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE} - \Links Attachment to PDF -> No File <==== ATTENTION
Task: {AF1FBE07-50E9-48EC-88B3-C902837434DD} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
Task: {B79A347C-F772-4313-AFF6-AAE3D89036A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4382048 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD024650-28D7-4416-BA55-57E2D3FF5F79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4382048 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2468D08-3B55-4CE1-A597-065137827B2B} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {C3C8FE8F-DEC3-47CC-A788-AA80CD79B275} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7A2DA16-662E-4A39-9456-E638BE35C4D6} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {CFA666AE-A23E-4D21-9E6F-68D01332DEFA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {E4A8D6C3-5446-4CB8-918F-FBCBD0987F45} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: {EA6E8CA4-C3D4-48CF-85EE-FC8AEB47A445} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE0CE85A-BF09-458E-8722-C375C63EBDBC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF77C488-D66C-49F1-B643-3C7A4B6ACC7B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD3B7E3D-BC1F-4A44-B55D-0A909E53B1E7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{5bffd111-ef4d-48d4-bc46-9a9d4c96e2ef}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{7803a702-eece-4e95-a02c-96193069f3ce}: [DhcpNameServer] 172.141.1.171

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-118-756
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-118-756
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {12B66C14-0D5F-4EDB-B426-3691C1547DDB} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__180113__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 84z2v3mo.default
FF ProfilePath: C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default [2019-05-06]
FF Homepage: Mozilla\Firefox\Profiles\84z2v3mo.default -> hxxps://www.google.com/?bcutc=sp-118-756
FF NewTab: Mozilla\Firefox\Profiles\84z2v3mo.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\84z2v3mo.default -> Enabled: mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233
FF SearchPlugin: C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default\searchplugins\google-avg.xml [2018-06-18]
FF SearchPlugin: C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default\searchplugins\yahoo-lavasoft.xml [2018-02-08]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2018-11-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [69632 2006-03-01] (CrypKey (Canada) Ltd.) [File not signed]
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [35488 2019-02-28] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Techporch Incorporated -> Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17464 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [743728 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [720184 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] (Intel Corporation -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel Corporation -> Intel® Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [74240 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-05-06] (Dell Inc. -> )
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Techporch Incorporated -> Dell Computer Corporation)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation -> Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54816 2016-10-29] (Intel(R) Software -> Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30816 2016-05-24] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1017312 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [140896 2016-06-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [78432 2016-06-08] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
S1 NetworkX; C:\Windows\SysWOW64\ckldrv.sys [31846 2006-01-10] () [File not signed]
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-02-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149824 2016-11-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-02-27] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-11-15] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 21:32 - 2019-05-06 21:33 - 000041381 ____C C:\Users\Saman\Desktop\FRST.txt
2019-05-06 21:24 - 2019-05-06 21:24 - 002430464 ____C (Farbar) C:\Users\Saman\Desktop\FRST64.exe
2019-05-06 21:15 - 2019-05-06 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2019-05-06 21:15 - 2019-05-06 21:15 - 000000000 ____D C:\Program Files\Rivet Networks
2019-05-06 21:08 - 2019-05-06 21:08 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-06 18:58 - 2019-05-06 20:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-04 14:21 - 2019-05-04 14:21 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-04 14:02 - 2019-05-04 14:10 - 155877025 ____C C:\Users\Saman\Downloads\DJ Krush [2002] - The Message At The Depth.rar
2019-04-30 16:09 - 2019-04-30 16:09 - 001118033 ____C C:\Users\Saman\Downloads\Komunitní plán rozvoje sociálních a navazujících služeb města Cheb 2018 - 2020.pdf
2019-04-30 16:07 - 2019-04-30 16:07 - 003189276 ____C C:\Users\Saman\Downloads\Zkrácená verze Komunitního plánu rozvoje sociálních služeb města Cheb..pdf
2019-04-30 16:07 - 2019-04-30 16:07 - 003189276 ____C C:\Users\Saman\Downloads\Zkrácená verze Komunitního plánu rozvoje sociálních služeb města Cheb.(1).pdf
2019-04-30 08:30 - 2019-04-30 08:30 - 000000000 ____D C:\WINDOWS\Panther
2019-04-29 15:51 - 2019-04-29 15:51 - 000000000 ___DC C:\Users\Saman\Documents\GOMPlayer
2019-04-26 08:58 - 2019-04-26 08:58 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\Software602
2019-04-26 08:57 - 2019-04-26 08:57 - 000000000 ____D C:\Program Files\Software602
2019-04-26 08:56 - 2019-04-26 08:58 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\602XML
2019-04-26 08:56 - 2019-04-26 08:57 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\602Installer
2019-04-26 08:56 - 2019-04-26 08:56 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk
2019-04-26 08:56 - 2019-04-26 08:56 - 000001186 _____ C:\Users\Public\Desktop\Software602 Form Filler.lnk
2019-04-26 08:56 - 2019-04-26 08:56 - 000000000 ____D C:\Program Files (x86)\Software602
2019-04-26 08:56 - 2018-05-31 05:26 - 001839520 _____ C:\WINDOWS\system32\602convert.dll
2019-04-26 08:56 - 2018-05-31 05:26 - 000054864 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localmon.dll
2019-04-26 08:56 - 2018-05-31 05:26 - 000040016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localui.dll
2019-04-26 08:56 - 2014-10-14 11:53 - 004940800 _____ (NiXPS NV) C:\WINDOWS\system32\NiXPS.dll
2019-04-26 08:52 - 2019-04-26 08:53 - 091026936 ____C C:\Users\Saman\Downloads\software602_form_filler.exe
2019-04-24 19:48 - 2019-04-24 19:48 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-15 10:05 - 2019-04-15 10:07 - 000660012 _____ C:\Users\Saman\Downloads\Karta klienta.zip
2019-04-12 23:22 - 2019-04-24 19:48 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-11 18:18 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-11 18:18 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-11 18:18 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-11 18:18 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-11 18:18 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-11 18:18 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-11 18:18 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-11 18:18 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-11 18:18 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-11 18:18 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-11 18:18 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-11 18:18 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-11 18:18 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-11 18:18 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-11 18:18 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-11 18:18 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-11 18:18 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-11 18:18 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-11 18:18 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-11 18:18 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-11 18:18 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-11 18:18 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-11 18:18 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-11 18:18 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-11 18:18 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-11 18:18 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-11 18:18 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-11 18:18 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-11 18:18 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-11 18:18 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-11 18:18 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-11 18:18 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-11 18:18 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-11 18:18 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-11 18:18 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-11 18:18 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-11 18:18 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-11 18:18 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-11 18:18 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-11 18:18 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-11 18:18 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-11 18:18 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-11 18:18 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-11 18:18 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-11 18:18 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-11 18:18 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-11 18:18 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-11 18:18 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-11 18:18 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-11 18:18 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-11 18:18 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-11 18:18 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-11 18:18 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-11 18:18 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-11 18:18 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-11 18:18 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-11 18:18 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-11 18:18 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-11 18:18 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-11 18:18 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-11 18:18 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-11 18:18 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-11 18:18 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-11 18:18 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-11 18:18 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-11 18:18 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-11 18:18 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-11 18:18 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-11 18:18 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-11 18:18 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-11 18:18 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-11 18:18 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-11 18:18 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-11 18:17 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-11 18:17 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-11 18:17 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-11 18:17 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-11 18:17 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-11 18:17 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-11 18:17 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-11 18:17 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-11 18:17 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-11 18:17 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-11 18:17 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-11 18:17 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-11 18:17 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-11 18:17 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-11 18:17 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-11 18:17 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-11 18:17 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-11 18:17 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-11 18:17 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-11 18:17 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-11 18:17 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-11 18:17 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-11 18:17 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-11 18:17 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-11 18:17 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-11 18:17 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-11 18:17 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-11 18:17 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-11 18:17 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-11 18:17 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-11 18:17 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-11 18:17 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-11 18:17 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-11 18:17 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-11 18:17 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-11 18:17 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-11 18:17 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-11 18:17 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-11 18:17 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-11 18:17 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-11 18:17 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-11 18:17 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-11 18:17 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-11 18:17 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-11 18:17 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-11 18:17 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-11 18:17 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-11 18:17 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-11 18:17 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-11 18:17 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-11 18:17 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-11 18:17 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-11 18:17 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-11 18:17 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-11 18:17 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-11 18:17 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-11 18:17 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-11 18:17 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-11 18:17 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-11 18:17 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-11 18:17 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-11 18:17 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-11 18:17 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-11 18:17 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-11 18:17 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-11 18:17 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-11 18:17 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-11 18:17 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-11 18:17 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-11 18:17 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-11 18:17 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-11 18:17 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-11 18:17 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-11 18:17 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-11 18:17 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-11 18:17 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-11 18:17 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-11 18:17 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-11 18:17 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-11 18:17 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-11 18:17 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-11 18:17 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 21:07 - 2019-04-10 21:53 - 263747537 _____ C:\Users\Saman\Downloads\Y.S.0217.Albert.Einstein.and.the.Story.of.Another.Mary.7z
2019-04-10 21:07 - 2019-04-10 21:52 - 250380493 _____ C:\Users\Saman\Downloads\Y.S.0215.A Math Emergency and Perky Palms.7z
2019-04-10 21:07 - 2019-04-10 21:50 - 234028494 _____ C:\Users\Saman\Downloads\Y.S.0214.David, Goliath and a Yoo-hoo from the Back.7z
2019-04-10 21:07 - 2019-04-10 21:50 - 232093394 _____ C:\Users\Saman\Downloads\Y.S.0216.A.Loaf.of.Bread.and.a.Grand.Old.Flag.7z
2019-04-10 21:06 - 2019-04-10 21:23 - 243544765 ____C C:\Users\Saman\Downloads\10.VHS reminiscence.7z
2019-04-09 07:14 - 2019-04-09 07:14 - 000014673 ____C C:\Users\Saman\Downloads\nastupni_plat(2).xlsx
2019-04-06 02:55 - 2019-04-06 02:55 - 000041494 ____C C:\Users\Saman\Downloads\xvii.-poharek-prihlaska-na-akci.xlsx
2019-04-06 01:14 - 2019-04-06 01:14 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2019-04-06 01:14 - 2019-04-06 01:14 - 000002027 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2019-04-06 01:14 - 2019-04-06 01:14 - 000000000 ____D C:\Program Files\Zoner

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-06 21:32 - 2017-04-24 11:24 - 000000000 ____D C:\FRST
2019-05-06 21:15 - 2019-04-03 20:30 - 000003068 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2019-05-06 21:15 - 2019-04-03 20:30 - 000000000 ____D C:\ProgramData\RivetNetworks
2019-05-06 20:56 - 2017-03-27 18:07 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\vlc
2019-05-06 20:49 - 2019-04-05 08:50 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-05-06 20:42 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-06 20:39 - 2018-05-21 11:50 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-06 20:39 - 2018-04-12 17:50 - 000718750 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-06 20:39 - 2018-04-12 17:50 - 000145490 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-06 20:39 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-06 20:35 - 2017-03-27 18:20 - 000000000 ___DC C:\Users\Saman\AppData\LocalLow\Mozilla
2019-05-06 20:35 - 2017-03-27 18:19 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-06 20:35 - 2017-03-27 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-06 20:33 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-06 20:32 - 2017-03-27 17:53 - 000000000 __SHD C:\Users\Saman\IntelGraphicsProfiles
2019-05-06 20:31 - 2018-05-21 11:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-06 20:31 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-06 20:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-06 20:23 - 2018-05-21 11:43 - 000000000 ___DC C:\Users\Saman\AppData\Local\Google
2019-05-06 20:23 - 2017-04-24 10:34 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-06 20:21 - 2017-03-28 12:27 - 000000000 ___DC C:\Users\Saman\Desktop\Dokumenty
2019-05-06 20:04 - 2018-05-21 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-06 18:29 - 2019-01-23 22:27 - 000002846 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-hodbod@fokus-mb.cz
2019-05-06 18:29 - 2019-01-06 21:12 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-06 18:29 - 2018-09-18 16:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-05-06 18:29 - 2018-05-21 11:49 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-06 18:29 - 2018-05-21 11:49 - 000003810 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2019-05-06 18:29 - 2018-05-21 11:49 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-05-06 18:29 - 2018-05-21 11:49 - 000003262 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-05-06 18:29 - 2018-05-21 11:49 - 000003258 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-05-06 18:29 - 2018-05-21 11:49 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-06 18:29 - 2018-05-21 11:49 - 000003100 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2019-05-06 18:29 - 2018-05-21 11:49 - 000003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2019-05-06 18:29 - 2018-05-21 11:49 - 000002996 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2019-05-06 18:29 - 2018-05-21 11:49 - 000002982 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2019-05-06 18:29 - 2018-05-21 11:49 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2246825409-3283599149-145179475-1001
2019-05-06 18:29 - 2018-05-21 11:49 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2246825409-3283599149-145179475-1003
2019-05-06 18:29 - 2018-05-21 11:49 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2019-05-06 18:29 - 2018-05-21 11:49 - 000002060 _____ C:\WINDOWS\System32\Tasks\Dell Cleanup
2019-05-06 17:42 - 2017-03-27 21:05 - 000002262 ___HC C:\Users\Saman\Documents\Default.rdp
2019-05-06 15:30 - 2018-05-21 11:49 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2019-05-06 07:30 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-04 14:19 - 2018-06-18 22:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-03 19:39 - 2017-11-06 09:00 - 000000000 ___DC C:\Users\Saman\AppData\Local\Packages
2019-05-03 18:55 - 2017-07-10 10:52 - 000000000 ___DC C:\Users\Saman\AppData\Local\CrashDumps
2019-05-03 16:31 - 2018-01-13 20:56 - 000000000 _____ C:\end
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\Účetní
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\Saman
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\defaultuser0
2019-04-29 18:27 - 2018-06-01 14:23 - 000000000 ___DC C:\Users\Saman\AppData\Local\D3DSCache
2019-04-29 13:14 - 2019-02-14 00:41 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk
2019-04-29 13:14 - 2019-02-14 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-04-25 08:19 - 2017-03-27 17:57 - 000000000 ____D C:\Program Files\CCleaner
2019-04-24 19:48 - 2019-01-14 16:49 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-24 19:48 - 2018-10-19 12:08 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-24 19:48 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 19:48 - 2017-12-13 12:46 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-24 18:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-23 10:46 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-16 00:34 - 2018-05-21 11:43 - 000002363 ____C C:\Users\Saman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-16 00:34 - 2017-03-27 17:54 - 000000000 ___RD C:\Users\Saman\OneDrive
2019-04-15 13:38 - 2018-06-03 21:31 - 000000000 ____D C:\Users\Saman\Ubiquiti UniFi
2019-04-14 03:06 - 2018-05-28 13:30 - 000485608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 21:01 - 2017-03-27 20:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 20:25 - 2017-03-27 20:29 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-10 07:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-10 07:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories =======

1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Saman\MUIvPRYe.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\JUAOXWaIOHlKi.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\SizEFAyRC.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\qbPihieEoD.exe
2019-01-02 12:42 - 2019-01-02 12:42 - 000178176 _RSHC () C:\Users\Saman\AppData\Roaming\Eset.exe
2019-05-03 16:31 - 2019-05-03 16:31 - 000370070 ____C () C:\Users\Saman\AppData\Roaming\logo_empire_desktop.ico
2019-01-02 12:42 - 2019-01-02 12:42 - 000151648 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz54EE.tmp
2019-01-02 12:42 - 2019-01-02 12:42 - 001499136 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz55DA.tmp
2019-01-02 12:42 - 2019-01-02 12:42 - 000152160 _RSHC (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz7684.tmp
2019-01-02 12:44 - 2019-01-02 12:44 - 000000000 ____C () C:\Users\Saman\AppData\Roaming\unp143388093.tmp
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Local\EOZgJM.exe
2018-06-18 21:05 - 2018-06-18 21:05 - 000140800 ____C () C:\Users\Saman\AppData\Local\installer.dat
2019-01-23 22:27 - 2019-01-23 22:27 - 000000000 ____C () C:\Users\Saman\AppData\Local\oobelibMkey.log
2018-06-18 21:04 - 2018-06-18 21:04 - 000000003 ____C () C:\Users\Saman\AppData\Local\wbem.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05.2019
Ran by Saman (06-05-2019 21:33:50)
Running from C:\Users\Saman\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-21 09:50:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2246825409-3283599149-145179475-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2246825409-3283599149-145179475-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2246825409-3283599149-145179475-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2246825409-3283599149-145179475-501 - Limited - Disabled)
Saman (S-1-5-21-2246825409-3283599149-145179475-1001 - Administrator - Enabled) => C:\Users\Saman
WDAGUtilityAccount (S-1-5-21-2246825409-3283599149-145179475-504 - Limited - Disabled)
Účetní (S-1-5-21-2246825409-3283599149-145179475-1003 - Limited - Enabled) => C:\Users\Účetní

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
ApowerREC V1.3.4.4 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.4.4 - Apowersoft LIMITED)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.3.0 - AVG Netherlands B.V)
AVG PC TuneUp (HKLM-x32\...\{52B6D655-9038-4290-B710-0E568F806155}) (Version: 16.80.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.80.3.38236 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DataNumen NTFS Undelete v2.0 (HKLM-x32\...\DataNumen NTFS Undelete v2.0) (Version: - )
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{82157E05-6529-4355-9271-5160703457A7}) (Version: 4.0.28.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{E1B18D9E-1B56-4E75-A58C-B31B46CE630C}) (Version: 2.0.0.186 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{ED23034C-BB55-432A-B216-C3DCC768A7D3}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{de2492a6-682a-49a4-87be-f8448e1af207}) (Version: 4.1.0.6828 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.40.5302 - GOM & Company)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.1.318 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.2.1076 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{97F4CEAE-8F2B-4012-93CC-75428373214D}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3c2a365-876b-4588-97ce-5ab104b07d57}) (Version: 3.0.30.1076 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{7F65AED2-5B3C-40DD-996B-6F8820856F34}) (Version: 3.0.30.1076 - Intel Corporation) Hidden
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.17 - Code Industry Ltd.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2246825409-3283599149-145179475-1003\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Project Professional 2019 - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft Visio Professional 2019 - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 66.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.4 (x64 cs)) (Version: 66.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.4.7063 - Mozilla)
NTFS Undelete 3.0.6.923 (HKLM-x32\...\NTFS Undelete_is1) (Version: - Copyright © 2011 eSupport.com • All Rights Reserved)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31241 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
Skype verze 8.43 (HKLM-x32\...\Skype_is1) (Version: 8.43 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{CAFD2E75-129F-42AD-8258-0FC494ACBD8E}) (Version: 2.5.719 - Název společnosti:)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2246825409-3283599149-145179475-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-04-24 10:26 - 2017-04-24 10:25 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2019-02-28 15:33 - 2019-02-28 15:33 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2017-05-15 14:39 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
2010-01-18 12:29 - 2010-01-18 12:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 12:29 - 2010-01-18 12:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-03-02 12:16 - 2016-03-02 12:16 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2019-03-07 10:24 - 2019-03-07 10:24 - 000102400 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-04-06 01:14 - 2016-10-17 18:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\sharepoint.com -> hxxps://fokusmb-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-08 09:37 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2246825409-3283599149-145179475-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "rundll32"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2F7D00EA-4FC8-4CCF-BCCB-924A3552D179}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{627EAFF0-4553-4218-9B44-6547626290AB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2A120F8A-ABEC-463C-94B6-C0B4A0B6026E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5B7415FE-07F5-48D4-8389-F8BF812DBD6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5CA7D9F1-5185-4CC3-8A45-E9D77EC7E130}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF4AC5D4-AE77-45A2-BFE2-3E62756C4183}] => (Allow) C:\Users\Saman\MUIvPRYe.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E7E5759C-F41A-4BB5-913E-E790751B2F17}] => (Allow) C:\Program Files (x86)\SizEFAyRC.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2EF882F4-84F3-455F-8532-01375FA54318}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3E9A502F-DA74-4F90-AD73-8C56344348C6}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{919BA639-EF3D-4284-BBE2-F1A9972FF021}] => (Allow) C:\Users\Saman\AppData\Local\EOZgJM.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4CDAF56C-B24B-4A6F-ACD1-7F276B793AA6}] => (Allow) C:\Program Files (x86)\JUAOXWaIOHlKi.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{75053631-D1C3-4E4C-88FE-761FD4902B0C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3B5D41C0-4E62-4751-BA61-A429FEBD06E5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{7AF3A410-0EEF-42D0-B524-D469A8BC63D4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{AC85CA43-3EED-4098-91BE-FCE4657709F7}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F74F1B53-2265-4644-8E9F-E92C68997DE7}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5A061A99-6323-43C1-8B7A-7F072151B27F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{5EB701BF-EDA2-4ADC-A435-879FD9391771}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{D1211470-8598-4262-8B40-2FFA419D7584}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{91B8C655-2B5A-4D5A-8989-FEB62CE68926}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{99B2B2B1-4302-40FA-9AEC-205BA158232F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E57FDD00-33D3-4072-8F60-768F3D9A9FF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{193CBF49-6AEE-4065-89FF-47020DF16977}] => (Allow) C:\Users\Saman\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{E8EA9313-6C92-42AC-AAC4-B9916140ED6F}] => (Allow) C:\Users\Saman\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{39EDF938-6890-49D3-AB01-284FDED1BD19}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9D778120-7EF6-4F12-8002-41AEAE8DE2E8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5B1F2FA5-5A09-45C7-A185-A375772D343B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{87D1E84B-B1D1-438A-8AAF-ED2F055A1E43}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{328AE823-ADB3-4E81-9353-9FFDB5820DDF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{08CC95DA-E08A-4746-8B61-27F6F9A30B52}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{20E7023C-92BA-4501-AB25-80E4D8D2CE38}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C6761059-190D-4A8F-A35C-0428C6ECC8CA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{239E2629-085A-4A27-8C92-44438D14FC6A}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C8A39C88-9D22-46EA-B4C2-2B0804723D2B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{144205DC-ABEF-4946-82DC-F64CC4720E95}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04E17F63-88BF-447E-885E-6FDD99E2B7DF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1F89BD09-452C-4025-9E51-20F915F7C116}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D92AC1A-4E5E-4A8C-B2D9-51BB15C87134}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DEB900CD-473C-4945-8C2C-B7DACB3129FA}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{0D6F8039-E5D1-49A5-AE4C-A8E241AD4904}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [TCP Query User{9C610199-54F0-4DE0-BDA8-CC29DC708075}C:\program files\java\jre1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\java.exe
FirewallRules: [UDP Query User{A3D07ECC-E50B-4E70-8880-A11038CE54BC}C:\program files\java\jre1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\java.exe
FirewallRules: [{13C499FA-9844-44C8-9300-DAA82F13F13F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{DA17D7CC-BC96-44BF-BBA1-A1C65B9BBEC2}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{C1DA8347-D03B-4BD8-8C17-FE7F7AE8797E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B79A971F-B638-4F72-8A67-C7C06A42633B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

26-04-2019 08:56:00 Installed Software602 Form Filler.
04-05-2019 20:27:35 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2019 09:15:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mup.exe, verze: 0.0.0.0, časové razítko: 0x5c3995fa
Název chybujícího modulu: mup.exe, verze: 0.0.0.0, časové razítko: 0x5c3995fa
Kód výjimky: 0xc0000409
Posun chyby: 0x0013e7a7
ID chybujícího procesu: 0x34f8
Čas spuštění chybující aplikace: 0x01d5044014369094
Cesta k chybující aplikaci: C:\ProgramData\Dell\drivers\4d6bcffc-3e2e-4b3e-a30a-0db1db27b520\mup.exe
Cesta k chybujícímu modulu: C:\ProgramData\Dell\drivers\4d6bcffc-3e2e-4b3e-a30a-0db1db27b520\mup.exe
ID zprávy: 46b034c6-cd45-4e94-af40-a8534b5cda7e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/06/2019 09:14:54 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (05/06/2019 08:31:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_SensorService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: ESENT.dll, verze: 10.0.17134.112, časové razítko: 0xbce77d42
Kód výjimky: 0xc0000602
Posun chyby: 0x0000000000252de2
ID chybujícího procesu: 0x744
Čas spuštění chybující aplikace: 0x01d501a506d248c2
Cesta k chybující aplikaci: c:\windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\ESENT.dll
ID zprávy: 1275fd3f-2918-45aa-81c8-1d533874ba4e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/06/2019 08:31:09 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (1860,G,0) Terminating process due to non-recoverable failure: PV: 10.0.17134.0 SV: 10.0.17134.0 GLE: 0 ERR: -259(bf.cxx:21888): dllentry.cxx(108) (ESENT[10.0.17134.0] RETAIL RTM MBCS). Tag: EnforceTag:InitdEseInstancesOnDllUnload.

Error: (05/06/2019 08:27:01 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: SAMAN)
Description: httphttp-2147467263

Error: (05/06/2019 08:26:45 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: SAMAN)
Description: httphttp-2147467263

Error: (05/06/2019 08:04:06 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 282285009 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/06/2019 08:04:06 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 282284880 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]


System errors:
=============
Error: (05/06/2019 09:14:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Rivet Dynamic Bandwidth Management byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/06/2019 08:34:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dell Data Vault bylo dosaženo časového limitu (30000 ms).

Error: (05/06/2019 08:31:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SpyEmrgHealth neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/06/2019 08:31:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Crypkey License neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (05/06/2019 08:31:41 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (05/06/2019 08:23:28 PM) (Source: DCOM) (EventID: 10016) (User: SAMAN)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli SAMAN\Saman (SID: S-1-5-21-2246825409-3283599149-145179475-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/06/2019 06:31:11 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)

Error: (05/06/2019 06:31:11 PM) (Source: Netwtw04) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)


Windows Defender:
===================================
Date: 2018-06-07 08:23:23.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Saman\AppData\Local\Tempsystem.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.269.809.0, AS: 1.269.809.0, NIS: 1.269.809.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-07 08:12:56.129
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Users\Saman\AppData\Local\Tempsystem.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.241.296.0, AS: 1.241.296.0, NIS: 1.241.296.0
Verze modulu: AM: 1.1.13701.0, NIS: 1.1.13701.0

CodeIntegrity:
===================================

Date: 2018-10-23 18:37:40.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 18:37:40.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 13:50:06.858
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 13:50:06.858
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:36.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:20.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:19.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:04.662
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.26.0 07/17/2018
Motherboard: Dell Inc. 0M60Y2
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 60%
Total physical RAM: 8061.9 MB
Available physical RAM: 3182.44 MB
Total Virtual: 9341.9 MB
Available Virtual: 3875.04 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:228.47 GB) (Free:104.91 GB) NTFS
Drive d: () (Fixed) (Total:0.45 GB) (Free:0.44 GB) NTFS
Drive e: () (Removable) (Total:29.71 GB) (Free:10.61 GB) FAT32
Drive f: (Saman_disk) (Fixed) (Total:930.98 GB) (Free:159.61 GB) NTFS
Drive g: (DBR_BOOT) (Fixed) (Total:0.49 GB) (Free:0.47 GB) FAT32

\\?\Volume{97462f55-a7ca-447c-b4e2-65d0827c5b08}\ (Image) (Fixed) (Total:8.93 GB) (Free:0.55 GB) NTFS
\\?\Volume{b7d9c426-7bf4-4ee1-819c-2ca92a3ee32d}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9F734E27)
Partition 1: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=510 MB) - (Type=0C)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#3 Příspěvek od Gaganusin »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-06-2019
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\Saman\AppData\Local\WhiteClick
Deleted C:\Users\Saman\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\END
Deleted C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default\searchplugins\yahoo-lavasoft.xml
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SlimWare Utilities Inc
Deleted HKCU\Software\WidModule
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted System Table

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3040 octets] - [06/05/2019 23:04:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#4 Příspěvek od Gaganusin »

Zatím děkuji, koukám, že jsem tu měl celkem binec. Zdá se, že už se nejde zbavit jen PUP Optional Legacy. Předem děkuji i za pomoc s vyřešením tohoto problému.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#5 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#6 Příspěvek od Gaganusin »

Ahoj, přikládám oba nové soubory.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-05.2019
Ran by Saman (administrator) on SAMAN (Dell Inc. Inspiron 13-5378) (08-05-2019 08:08:20)
Running from C:\Users\Saman\Desktop
Loaded Profiles: defaultuser0 & Saman & Účetní (Available Profiles: defaultuser0 & Saman & Účetní)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc. -> Dell Inc.) C:\Windows\Temp\SupportAssistAgent\Installer\SupportAssistInstaller.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Saman\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Wistron Corporation -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3893296 2016-05-17] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239192 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [308656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319544 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2246825409-3283599149-145179475-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [WhatsApp] => C:\Users\Saman\AppData\Local\WhatsApp\Update.exe [2200336 2018-03-15] (WhatsApp, Inc. -> ) [File not signed]
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe [1216416 2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-04-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-26] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [294912 2010-04-02] (Microsoft Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0890C725-05C0-4E1B-B74D-F9F1936814C1} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-hodbod@fokus-mb.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {13EE6629-58DA-44E0-A660-6EA5C266B094} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2670944 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {14F09D25-B5D7-4346-98C3-3793CBE53CC0} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {229758EA-6F20-4AA9-9493-1117C46EC94C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {275934EE-020E-4E79-A9BB-E40706C2380A} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {2B03D304-C67C-49C7-8950-5A0007B92EEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-10] (Adobe Inc. -> Adobe)
Task: {2B20BBCF-D7E4-4A35-9B6D-94F171EAFC56} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {2D98E18F-2A89-45F2-AA6C-E44782C571A0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {328D09C0-19D1-47CA-BE7A-88B95817D6E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5E80F75A-74CC-4915-9749-400A6A511300} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {696A6185-AF28-4CEF-84E2-356E51C43645} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2408496 2019-04-03] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {89E000FA-A7D0-48A1-A25B-DBFCA29F7CD0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {983F213B-BE12-47F4-AF6F-9BAD135E342F} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [33984 2019-03-07] (Rivet Networks LLC -> DELL)
Task: {9A69A0A7-EF95-40AE-B313-ED731580EAED} - System32\Tasks\Adobe Acrobat Update Task
Task: {9AC1CA44-D655-4F13-ABD1-B4137AACF9ED} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2970544 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {9B3DA079-E2FD-4534-A4BE-47C0558A9771} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE} - \Links Attachment to PDF -> No File <==== ATTENTION
Task: {AF1FBE07-50E9-48EC-88B3-C902837434DD} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
Task: {B79A347C-F772-4313-AFF6-AAE3D89036A4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4382048 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD024650-28D7-4416-BA55-57E2D3FF5F79} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4382048 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2468D08-3B55-4CE1-A597-065137827B2B} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {C3C8FE8F-DEC3-47CC-A788-AA80CD79B275} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7A2DA16-662E-4A39-9456-E638BE35C4D6} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072504 2018-06-21] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
Task: {CFA666AE-A23E-4D21-9E6F-68D01332DEFA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {E4A8D6C3-5446-4CB8-918F-FBCBD0987F45} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe
Task: {EA6E8CA4-C3D4-48CF-85EE-FC8AEB47A445} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {EE0CE85A-BF09-458E-8722-C375C63EBDBC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF77C488-D66C-49F1-B643-3C7A4B6ACC7B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD3B7E3D-BC1F-4A44-B55D-0A909E53B1E7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-10] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{5bffd111-ef4d-48d4-bc46-9a9d4c96e2ef}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{7803a702-eece-4e95-a02c-96193069f3ce}: [DhcpNameServer] 172.141.1.171

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-118-756
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-118-756
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {12B66C14-0D5F-4EDB-B426-3691C1547DDB} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_28314
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__180113__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2246825409-3283599149-145179475-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 84z2v3mo.default
FF ProfilePath: C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default [2019-05-08]
FF Homepage: Mozilla\Firefox\Profiles\84z2v3mo.default -> hxxps://www.google.com/?bcutc=sp-118-756
FF NewTab: Mozilla\Firefox\Profiles\84z2v3mo.default -> about:newtab
FF NewTabOverride: Mozilla\Firefox\Profiles\84z2v3mo.default -> Enabled: mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233
FF SearchPlugin: C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Profiles\84z2v3mo.default\searchplugins\google-avg.xml [2018-06-18]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2018-11-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-10] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-05-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-10-20] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [362536 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6709272 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428264 2018-06-14] (AVG Netherlands B.V. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
S2 Crypkey License; C:\Windows\SysWOW64\crypserv.exe [69632 2006-03-01] (CrypKey (Canada) Ltd.) [File not signed]
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [35488 2019-02-28] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2017-04-11] (Techporch Incorporated -> Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2017-04-11] (Techporch Incorporated -> Dell Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17464 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [743728 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [720184 2017-11-08] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] (Intel Corporation -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
S2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [6598496 2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel Corporation -> Intel® Corporation)
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37368 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205656 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [254680 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [196560 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [320672 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [58152 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [15280 2019-01-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42336 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [166896 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [112360 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [87992 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1030832 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [476824 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [220472 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [385904 2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [74240 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-05-07] (Dell Inc. -> )
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-06-20] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-06-20] (Techporch Incorporated -> Dell Computer Corporation)
R2 DpmLiteDrv; c:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [15080 2014-10-15] (Wistron Corporation -> Wistron Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation -> Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-06-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\WINDOWS\System32\drivers\HidEventFilter.sys [54816 2016-10-29] (Intel(R) Software -> Intel Corporation)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30816 2016-05-24] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98968 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1017312 2019-01-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [140896 2016-06-05] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [78432 2016-06-08] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
S1 NetworkX; C:\Windows\SysWOW64\ckldrv.sys [31846 2006-01-10] () [File not signed]
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8623128 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-02-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149824 2016-11-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-11-15] (AVG Technologies CZ, s.r.o. -> AVG Netherlands B.V.)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-03-31] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313384 2018-06-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-07] (Microsoft Windows -> Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-08 08:08 - 2019-05-08 08:09 - 000040723 ____C C:\Users\Saman\Desktop\FRST.txt
2019-05-07 13:59 - 2019-05-07 13:59 - 000000000 ____D C:\ProgramData\PC-Doctor, Inc
2019-05-07 13:58 - 2019-05-07 13:58 - 000402344 ____C (Dell Inc.) C:\Users\Saman\Downloads\SupportAssistLauncher.exe
2019-05-07 00:57 - 2019-05-07 00:57 - 000000000 ___RD C:\Users\Saman\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-05-06 23:16 - 2019-05-06 23:15 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2019-05-06 23:14 - 2019-05-06 23:14 - 000000000 ___DC C:\Users\Saman\AppData\LocalLow\Oracle
2019-05-06 22:58 - 2019-05-06 22:58 - 007025360 ____C (Malwarebytes) C:\Users\Saman\Desktop\adwcleaner_7.3.exe
2019-05-06 21:24 - 2019-05-06 21:24 - 002430464 ____C (Farbar) C:\Users\Saman\Desktop\FRST64.exe
2019-05-06 21:15 - 2019-05-06 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rivet Networks
2019-05-06 21:15 - 2019-05-06 21:15 - 000000000 ____D C:\Program Files\Rivet Networks
2019-05-06 21:08 - 2019-05-06 21:08 - 000000000 _____ C:\WINDOWS\invcol.tmp
2019-05-06 18:58 - 2019-05-06 23:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-05-04 14:21 - 2019-05-04 14:21 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-04 14:21 - 2019-05-04 14:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-04-30 08:30 - 2019-04-30 08:30 - 000000000 ____D C:\WINDOWS\Panther
2019-04-29 15:51 - 2019-04-29 15:51 - 000000000 ___DC C:\Users\Saman\Documents\GOMPlayer
2019-04-26 08:58 - 2019-04-26 08:58 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\Software602
2019-04-26 08:57 - 2019-04-26 08:57 - 000000000 ____D C:\Program Files\Software602
2019-04-26 08:56 - 2019-04-26 08:58 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\602XML
2019-04-26 08:56 - 2019-04-26 08:57 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\602Installer
2019-04-26 08:56 - 2019-04-26 08:56 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software602 Form Filler.lnk
2019-04-26 08:56 - 2019-04-26 08:56 - 000001186 _____ C:\Users\Public\Desktop\Software602 Form Filler.lnk
2019-04-26 08:56 - 2019-04-26 08:56 - 000000000 ____D C:\Program Files (x86)\Software602
2019-04-26 08:56 - 2018-05-31 05:26 - 001839520 _____ C:\WINDOWS\system32\602convert.dll
2019-04-26 08:56 - 2018-05-31 05:26 - 000054864 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localmon.dll
2019-04-26 08:56 - 2018-05-31 05:26 - 000040016 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\602localui.dll
2019-04-26 08:56 - 2014-10-14 11:53 - 004940800 _____ (NiXPS NV) C:\WINDOWS\system32\NiXPS.dll
2019-04-24 19:48 - 2019-04-24 19:48 - 000362928 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-12 23:22 - 2019-04-24 19:48 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-11 18:18 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-11 18:18 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-11 18:18 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-11 18:18 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-11 18:18 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-11 18:18 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-11 18:18 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-11 18:18 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-11 18:18 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-11 18:18 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-11 18:18 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-11 18:18 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-11 18:18 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-11 18:18 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-11 18:18 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-11 18:18 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-11 18:18 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-11 18:18 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-11 18:18 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-11 18:18 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-11 18:18 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-11 18:18 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-11 18:18 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-11 18:18 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-11 18:18 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-11 18:18 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-11 18:18 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-11 18:18 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-11 18:18 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-11 18:18 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-11 18:18 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-11 18:18 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-11 18:18 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-11 18:18 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-11 18:18 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-11 18:18 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-11 18:18 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-11 18:18 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-11 18:18 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-11 18:18 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-11 18:18 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-11 18:18 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-11 18:18 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-11 18:18 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-11 18:18 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-11 18:18 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-11 18:18 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-11 18:18 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-11 18:18 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-11 18:18 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-11 18:18 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-11 18:18 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-11 18:18 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-11 18:18 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-11 18:18 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-11 18:18 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-11 18:18 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-11 18:18 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-11 18:18 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-11 18:18 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-11 18:18 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-11 18:18 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-11 18:18 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-11 18:18 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-11 18:18 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-11 18:18 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-11 18:18 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-11 18:18 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-11 18:18 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-11 18:18 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-11 18:18 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-11 18:18 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-11 18:18 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-11 18:18 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-11 18:18 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-11 18:18 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-11 18:18 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-11 18:18 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-11 18:17 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-11 18:17 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-11 18:17 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-11 18:17 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-11 18:17 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-11 18:17 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-11 18:17 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-11 18:17 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-11 18:17 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-11 18:17 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-11 18:17 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-11 18:17 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-11 18:17 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-11 18:17 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-11 18:17 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-11 18:17 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-11 18:17 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-11 18:17 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-11 18:17 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-11 18:17 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-11 18:17 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-11 18:17 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-11 18:17 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-11 18:17 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-11 18:17 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-11 18:17 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-11 18:17 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-11 18:17 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-11 18:17 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-11 18:17 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-11 18:17 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-11 18:17 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-11 18:17 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-11 18:17 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-11 18:17 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-11 18:17 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-11 18:17 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-11 18:17 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-11 18:17 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-11 18:17 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-11 18:17 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-11 18:17 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-11 18:17 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-11 18:17 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-11 18:17 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-11 18:17 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-11 18:17 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-11 18:17 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-11 18:17 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-11 18:17 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-11 18:17 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-11 18:17 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-11 18:17 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-11 18:17 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-11 18:17 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-11 18:17 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-11 18:17 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-11 18:17 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-11 18:17 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-11 18:17 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-11 18:17 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-11 18:17 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-11 18:17 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-11 18:17 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-11 18:17 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-11 18:17 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-11 18:17 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-11 18:17 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-11 18:17 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-11 18:17 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-11 18:17 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-11 18:17 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-11 18:17 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-11 18:17 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-11 18:17 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-11 18:17 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-11 18:17 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-11 18:17 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-11 18:17 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-11 18:17 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-11 18:17 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-11 18:17 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-11 18:17 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-11 18:17 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-11 18:17 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-11 18:17 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-11 18:17 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-11 18:17 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-11 18:17 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-11 18:17 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-08 08:08 - 2017-04-24 11:24 - 000000000 ____D C:\FRST
2019-05-08 08:07 - 2017-03-27 18:20 - 000000000 ___DC C:\Users\Saman\AppData\LocalLow\Mozilla
2019-05-08 07:29 - 2018-05-21 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-08 04:28 - 2019-04-03 20:30 - 000002258 _____ C:\WINDOWS\System32\Tasks\SmartByte Telemetry
2019-05-08 04:28 - 2019-01-23 22:27 - 000002846 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-hodbod@fokus-mb.cz
2019-05-08 04:28 - 2019-01-06 21:12 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-08 04:28 - 2018-09-18 16:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-05-08 04:28 - 2018-05-21 11:49 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-08 04:28 - 2018-05-21 11:49 - 000003810 _____ C:\WINDOWS\System32\Tasks\PCDoctorBackgroundMonitorTask
2019-05-08 04:28 - 2018-05-21 11:49 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-05-08 04:28 - 2018-05-21 11:49 - 000003262 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2019-05-08 04:28 - 2018-05-21 11:49 - 000003258 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2019-05-08 04:28 - 2018-05-21 11:49 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-08 04:28 - 2018-05-21 11:49 - 000003100 _____ C:\WINDOWS\System32\Tasks\PCDDataUploadTask
2019-05-08 04:28 - 2018-05-21 11:49 - 000003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2019-05-08 04:28 - 2018-05-21 11:49 - 000002996 _____ C:\WINDOWS\System32\Tasks\PCDEventLauncherTask
2019-05-08 04:28 - 2018-05-21 11:49 - 000002982 _____ C:\WINDOWS\System32\Tasks\SystemToolsDailyTest
2019-05-08 04:28 - 2018-05-21 11:49 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2246825409-3283599149-145179475-1001
2019-05-08 04:28 - 2018-05-21 11:49 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2246825409-3283599149-145179475-1003
2019-05-08 04:28 - 2018-05-21 11:49 - 000002304 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_PushButton
2019-05-08 04:28 - 2018-05-21 11:49 - 000002060 _____ C:\WINDOWS\System32\Tasks\Dell Cleanup
2019-05-08 04:26 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-08 00:37 - 2019-04-05 08:50 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2019-05-07 15:52 - 2018-05-21 11:49 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2019-05-07 15:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-07 13:59 - 2018-06-29 21:12 - 000000000 ____D C:\ProgramData\Packages
2019-05-07 13:59 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-07 13:59 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-07 13:59 - 2017-11-22 23:00 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\PCDr
2019-05-07 13:59 - 2017-11-06 09:00 - 000000000 ___DC C:\Users\Saman\AppData\Local\Packages
2019-05-07 13:59 - 2017-01-15 04:05 - 000000000 ____D C:\ProgramData\PCDr
2019-05-07 13:58 - 2017-06-26 23:54 - 000000000 ____D C:\ProgramData\SupportAssist
2019-05-07 12:22 - 2017-07-10 10:52 - 000000000 ___DC C:\Users\Saman\AppData\Local\CrashDumps
2019-05-07 00:27 - 2018-05-21 11:50 - 001692472 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-07 00:27 - 2018-04-12 17:50 - 000718750 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-07 00:27 - 2018-04-12 17:50 - 000145490 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-07 00:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2019-05-07 00:20 - 2018-05-21 11:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-07 00:20 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-07 00:20 - 2017-03-27 17:53 - 000000000 __SHD C:\Users\Saman\IntelGraphicsProfiles
2019-05-06 23:19 - 2019-02-14 00:41 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk
2019-05-06 23:19 - 2019-02-14 00:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-06 23:16 - 2018-10-19 13:28 - 000000000 ____D C:\Program Files\Java
2019-05-06 23:16 - 2017-11-23 22:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-05-06 23:16 - 2017-11-23 22:38 - 000000000 ____D C:\Program Files (x86)\Java
2019-05-06 23:15 - 2018-10-19 13:29 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-05-06 23:14 - 2017-11-23 22:38 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-05-06 23:08 - 2017-03-27 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-06 23:05 - 2018-01-13 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-05-06 23:04 - 2017-04-25 08:23 - 000000000 ____D C:\AdwCleaner
2019-05-06 21:15 - 2019-04-03 20:30 - 000000000 ____D C:\ProgramData\RivetNetworks
2019-05-06 20:56 - 2017-03-27 18:07 - 000000000 ___DC C:\Users\Saman\AppData\Roaming\vlc
2019-05-06 20:35 - 2017-03-27 18:19 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-06 20:23 - 2018-05-21 11:43 - 000000000 ___DC C:\Users\Saman\AppData\Local\Google
2019-05-06 20:23 - 2017-04-24 10:34 - 000000000 ____D C:\Program Files (x86)\Google
2019-05-06 20:21 - 2017-03-28 12:27 - 000000000 ___DC C:\Users\Saman\Desktop\Dokumenty
2019-05-06 17:42 - 2017-03-27 21:05 - 000002262 ___HC C:\Users\Saman\Documents\Default.rdp
2019-05-04 14:19 - 2018-06-18 22:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\Účetní
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\Saman
2019-04-30 07:56 - 2018-05-21 11:43 - 000000000 ____D C:\Users\defaultuser0
2019-04-29 18:27 - 2018-06-01 14:23 - 000000000 ___DC C:\Users\Saman\AppData\Local\D3DSCache
2019-04-25 08:19 - 2017-03-27 17:57 - 000000000 ____D C:\Program Files\CCleaner
2019-04-24 19:48 - 2019-01-14 16:49 - 000254680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000320672 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000196560 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000058152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-24 19:48 - 2019-01-11 20:33 - 000037368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-24 19:48 - 2018-10-19 12:08 - 000042336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-24 19:48 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-24 19:48 - 2017-12-13 12:46 - 000205656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 001030832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000476824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000385904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000166896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000112360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-24 19:48 - 2017-04-24 10:34 - 000087992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-24 18:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-23 10:46 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-16 00:34 - 2018-05-21 11:43 - 000002363 ____C C:\Users\Saman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-16 00:34 - 2017-03-27 17:54 - 000000000 ___RD C:\Users\Saman\OneDrive
2019-04-15 13:38 - 2018-06-03 21:31 - 000000000 ____D C:\Users\Saman\Ubiquiti UniFi
2019-04-14 03:06 - 2018-05-28 13:30 - 000485608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-14 03:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 21:01 - 2017-03-27 20:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 20:25 - 2017-03-27 20:29 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-10 07:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-10 07:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Files in the root of some directories =======

1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Saman\MUIvPRYe.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\JUAOXWaIOHlKi.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\SizEFAyRC.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\qbPihieEoD.exe
2019-01-02 12:42 - 2019-01-02 12:42 - 000178176 _RSHC () C:\Users\Saman\AppData\Roaming\Eset.exe
2019-05-03 16:31 - 2019-05-03 16:31 - 000370070 ____C () C:\Users\Saman\AppData\Roaming\logo_empire_desktop.ico
2019-01-02 12:42 - 2019-01-02 12:42 - 000151648 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz54EE.tmp
2019-01-02 12:42 - 2019-01-02 12:42 - 001499136 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz55DA.tmp
2019-01-02 12:42 - 2019-01-02 12:42 - 000152160 _RSHC (Microsoft Corporation) C:\Users\Saman\AppData\Roaming\trz7684.tmp
2019-01-02 12:44 - 2019-01-02 12:44 - 000000000 ____C () C:\Users\Saman\AppData\Roaming\unp143388093.tmp
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Local\EOZgJM.exe
2018-06-18 21:05 - 2018-06-18 21:05 - 000140800 ____C () C:\Users\Saman\AppData\Local\installer.dat
2019-01-23 22:27 - 2019-01-23 22:27 - 000000000 ____C () C:\Users\Saman\AppData\Local\oobelibMkey.log
2018-06-18 21:04 - 2018-06-18 21:04 - 000000003 ____C () C:\Users\Saman\AppData\Local\wbem.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05.2019
Ran by Saman (08-05-2019 08:09:27)
Running from C:\Users\Saman\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-05-21 09:50:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2246825409-3283599149-145179475-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2246825409-3283599149-145179475-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2246825409-3283599149-145179475-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2246825409-3283599149-145179475-501 - Limited - Disabled)
Saman (S-1-5-21-2246825409-3283599149-145179475-1001 - Administrator - Enabled) => C:\Users\Saman
WDAGUtilityAccount (S-1-5-21-2246825409-3283599149-145179475-504 - Limited - Disabled)
Účetní (S-1-5-21-2246825409-3283599149-145179475-1003 - Limited - Enabled) => C:\Users\Účetní

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
ApowerREC V1.3.4.4 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.3.4.4 - Apowersoft LIMITED)
AVG (HKLM\...\{136B57DF-DA9E-4361-A165-09AB4422BCD1}) (Version: 1.231.3 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
AVG Driver Updater (HKLM-x32\...\{BAAB946F-7E00-41F4-BEC7-B8CCF758E012}) (Version: 2.3.0 - AVG Netherlands B.V) Hidden
AVG Driver Updater (HKLM-x32\...\AVG Driver Updater) (Version: 2.3.0 - AVG Netherlands B.V)
AVG PC TuneUp (HKLM-x32\...\{52B6D655-9038-4290-B710-0E568F806155}) (Version: 16.80.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.80.3.38236 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.47 - Piriform)
CDisplayEx 1.10.33 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
DataNumen NTFS Undelete v2.0 (HKLM-x32\...\DataNumen NTFS Undelete v2.0) (Version: - )
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.4.2.0 - Dell Inc.) Hidden
Dell Digital Delivery Services (HKLM-x32\...\{82157E05-6529-4355-9271-5160703457A7}) (Version: 4.0.28.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssist Remediation (HKLM\...\{5832D99C-C9C6-437F-861C-43ED6333956F}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{48253a97-70d4-4166-9a2b-80b3bb2fcc75}) (Version: 4.1.0.6828 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{ED23034C-BB55-432A-B216-C3DCC768A7D3}) (Version: 4.1.0.6828 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{de2492a6-682a-49a4-87be-f8448e1af207}) (Version: 4.1.0.6828 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.0.1 - Dell Inc.)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.40.5302 - GOM & Company)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.1.318 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1058 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.0.2.1076 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{fd62de85-bda9-4280-a95b-fa2f86e0dc58}) (Version: 1.48.139.0 - Intel Corporation) Hidden
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{97F4CEAE-8F2B-4012-93CC-75428373214D}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Integrated Sensor Solution (HKLM-x32\...\{b3c2a365-876b-4588-97ce-5ab104b07d57}) (Version: 3.0.30.1076 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{7F65AED2-5B3C-40DD-996B-6F8820856F34}) (Version: 3.0.30.1076 - Intel Corporation) Hidden
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.17 - Code Industry Ltd.)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\Proplus2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2246825409-3283599149-145179475-1003\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Project Professional 2019 - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft Visio Professional 2019 - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 66.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.4 (x64 cs)) (Version: 66.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.4.7063 - Mozilla)
NTFS Undelete 3.0.6.923 (HKLM-x32\...\NTFS Undelete_is1) (Version: - Copyright © 2011 eSupport.com • All Rights Reserved)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
QuickSet64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.37 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31241 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
SmartByte Drivers and Services (HKLM\...\{CAFD2E75-129F-42AD-8258-0FC494ACBD8E}) (Version: 2.5.719 - Název společnosti:)
Software602 Form Filler (HKLM-x32\...\{9210AEE3-6ECB-4271-A125-1039E94A6A51}) (Version: 4.75 - Software602 a.s.)
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Ubiquiti UniFi (remove only) (HKLM-x32\...\Ubiquiti UniFi) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WinRAR 5.60 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2246825409-3283599149-145179475-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2019-01-10] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [2010-10-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-04-24] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-04-24 10:26 - 2017-04-24 10:25 - 048920064 _____ () [File not signed] C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2019-02-28 15:33 - 2019-02-28 15:33 - 000018432 _____ () [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.HSA.Server.dll
2019-02-14 00:41 - 2019-04-25 21:20 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-02-14 00:41 - 2019-04-25 21:20 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-04-11 00:43 - 2019-04-11 00:43 - 000016384 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.36.0_x64__htrsf667h5kn2\Dell.D3.HSA.Client.dll
2019-04-11 00:43 - 2019-04-11 00:43 - 023186432 _____ () [File not signed] C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.36.0_x64__htrsf667h5kn2\Dell.D3.UWP.dll
2017-05-15 14:39 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
2016-03-02 12:16 - 2016-03-02 12:16 - 000335872 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2019-02-14 00:41 - 2019-04-25 21:20 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2019-03-07 10:24 - 2019-03-07 10:24 - 000102400 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-04-06 01:14 - 2016-10-17 18:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\sharepoint.com -> hxxps://fokusmb-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-01-08 09:37 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2246825409-3283599149-145179475-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Saman\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-2246825409-3283599149-145179475-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "rundll32"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-2246825409-3283599149-145179475-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2F7D00EA-4FC8-4CCF-BCCB-924A3552D179}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{627EAFF0-4553-4218-9B44-6547626290AB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2A120F8A-ABEC-463C-94B6-C0B4A0B6026E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5B7415FE-07F5-48D4-8389-F8BF812DBD6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5CA7D9F1-5185-4CC3-8A45-E9D77EC7E130}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF4AC5D4-AE77-45A2-BFE2-3E62756C4183}] => (Allow) C:\Users\Saman\MUIvPRYe.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E7E5759C-F41A-4BB5-913E-E790751B2F17}] => (Allow) C:\Program Files (x86)\SizEFAyRC.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2EF882F4-84F3-455F-8532-01375FA54318}] => (Allow) C:\WINDOWS\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3E9A502F-DA74-4F90-AD73-8C56344348C6}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{919BA639-EF3D-4284-BBE2-F1A9972FF021}] => (Allow) C:\Users\Saman\AppData\Local\EOZgJM.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4CDAF56C-B24B-4A6F-ACD1-7F276B793AA6}] => (Allow) C:\Program Files (x86)\JUAOXWaIOHlKi.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{75053631-D1C3-4E4C-88FE-761FD4902B0C}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3B5D41C0-4E62-4751-BA61-A429FEBD06E5}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{7AF3A410-0EEF-42D0-B524-D469A8BC63D4}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{AC85CA43-3EED-4098-91BE-FCE4657709F7}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F74F1B53-2265-4644-8E9F-E92C68997DE7}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5A061A99-6323-43C1-8B7A-7F072151B27F}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{5EB701BF-EDA2-4ADC-A435-879FD9391771}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{D1211470-8598-4262-8B40-2FFA419D7584}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{91B8C655-2B5A-4D5A-8989-FEB62CE68926}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{99B2B2B1-4302-40FA-9AEC-205BA158232F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E57FDD00-33D3-4072-8F60-768F3D9A9FF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{193CBF49-6AEE-4065-89FF-47020DF16977}] => (Allow) C:\Users\Saman\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{E8EA9313-6C92-42AC-AAC4-B9916140ED6F}] => (Allow) C:\Users\Saman\Ubiquiti UniFi\bin\mongod.exe () [File not signed]
FirewallRules: [{39EDF938-6890-49D3-AB01-284FDED1BD19}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9D778120-7EF6-4F12-8002-41AEAE8DE2E8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{5B1F2FA5-5A09-45C7-A185-A375772D343B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{87D1E84B-B1D1-438A-8AAF-ED2F055A1E43}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{328AE823-ADB3-4E81-9353-9FFDB5820DDF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{08CC95DA-E08A-4746-8B61-27F6F9A30B52}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{20E7023C-92BA-4501-AB25-80E4D8D2CE38}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C6761059-190D-4A8F-A35C-0428C6ECC8CA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{239E2629-085A-4A27-8C92-44438D14FC6A}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C8A39C88-9D22-46EA-B4C2-2B0804723D2B}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{1F89BD09-452C-4025-9E51-20F915F7C116}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D92AC1A-4E5E-4A8C-B2D9-51BB15C87134}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{DEB900CD-473C-4945-8C2C-B7DACB3129FA}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [UDP Query User{0D6F8039-E5D1-49A5-AE4C-A8E241AD4904}C:\program files\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [TCP Query User{9C610199-54F0-4DE0-BDA8-CC29DC708075}C:\program files\java\jre1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [UDP Query User{A3D07ECC-E50B-4E70-8880-A11038CE54BC}C:\program files\java\jre1.8.0_191\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_191\bin\java.exe No File
FirewallRules: [{13C499FA-9844-44C8-9300-DAA82F13F13F}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{DA17D7CC-BC96-44BF-BBA1-A1C65B9BBEC2}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{C1DA8347-D03B-4BD8-8C17-FE7F7AE8797E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B79A971F-B638-4F72-8A67-C7C06A42633B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B4F71FF3-2299-4751-B6D1-D6F009DB6038}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54EE2040-9286-412E-BC8F-4FAE916FC47A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

26-04-2019 08:56:00 Installed Software602 Form Filler.
04-05-2019 20:27:35 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/08/2019 08:06:36 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 114399787 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/08/2019 08:06:36 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 114399632 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/08/2019 07:29:47 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 112186003 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/08/2019 07:29:47 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 112185990 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/08/2019 04:25:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SkypeApp.exe verze 8.44.0.40 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 39a0

Čas spuštění: 01d504da87edce40

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe

ID hlášení: 13964e5f-853f-42e4-bbaa-bfe3017b1b34

Úplný název balíčku s chybou: Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c

ID aplikace související s balíčkem s chybou: App

Error: (05/08/2019 01:23:11 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 90186782 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/08/2019 01:23:11 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 90186673 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]

Error: (05/07/2019 11:00:27 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.3.10207.5567) TYPE: ERROR MODULE: DPTF TIME 81624488 ms

DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\..\Sources\Policies\PassivePolicy\PassivePolicy.cpp @ line 300
Executing Function: PassivePolicy::onDomainPerformanceControlCapabilityChanged
Message:
DPTF Build Version: 8.3.10207.5567
DPTF Build Date: Nov 2 2017 14:28:00
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 229
Executing Function: EsifServices::primitiveExecuteSetAsUInt32
Message: Error returned from ESIF services interface function call
Participant: TCPU [0]
Domain: CPU [1]
ESIF Primitive: SET_PERF_PRESENT_CAPABILITY [82]
ESIF Instance: 255
ESIF Return Code: ESIF_E_ACPI_EVAL_FAILURE [1105]


Policy: Passive Policy [1]


System errors:
=============
Error: (05/07/2019 03:27:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 02:23:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 12:44:48 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 12:05:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 11:32:51 AM) (Source: DCOM) (EventID: 10016) (User: SAMAN)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
a APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
uživateli SAMAN\Saman (SID: S-1-5-21-2246825409-3283599149-145179475-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 11:25:54 AM) (Source: DCOM) (EventID: 10016) (User: SAMAN)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
a APPID
{9BA05972-F6A8-11CF-A442-00A0C90A8F39}
uživateli SAMAN\Saman (SID: S-1-5-21-2246825409-3283599149-145179475-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/07/2019 12:22:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dell Data Vault bylo dosaženo časového limitu (30000 ms).

Error: (05/07/2019 12:20:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SpyEmrgHealth neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2018-06-07 08:23:23.699
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Saman\AppData\Local\Tempsystem.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.269.809.0, AS: 1.269.809.0, NIS: 1.269.809.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-06-07 08:12:56.129
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Users\Saman\AppData\Local\Tempsystem.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.241.296.0, AS: 1.241.296.0, NIS: 1.241.296.0
Verze modulu: AM: 1.1.13701.0, NIS: 1.1.13701.0

CodeIntegrity:
===================================

Date: 2018-10-23 18:37:40.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 18:37:40.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 13:50:06.858
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 13:50:06.858
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:36.923
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:20.231
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:19.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-10-23 12:51:04.662
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.27.0 01/18/2019
Motherboard: Dell Inc. 0M60Y2
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 8061.9 MB
Available physical RAM: 4324.29 MB
Total Virtual: 9341.9 MB
Available Virtual: 4208.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:228.47 GB) (Free:114.3 GB) NTFS
Drive d: () (Fixed) (Total:0.45 GB) (Free:0.44 GB) NTFS
Drive e: () (Removable) (Total:29.71 GB) (Free:10.61 GB) FAT32

\\?\Volume{97462f55-a7ca-447c-b4e2-65d0827c5b08}\ (Image) (Fixed) (Total:8.93 GB) (Free:0.55 GB) NTFS
\\?\Volume{b7d9c426-7bf4-4ee1-819c-2ca92a3ee32d}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 2 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#7 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Users\Saman\MUIvPRYe.exe
    File: C:\Program Files (x86)\JUAOXWaIOHlKi.exe
    File: C:\Program Files (x86)\SizEFAyRC.exe
    File: C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
    File: C:\Program Files (x86)\Common Files\qbPihieEoD.exe
    File: C:\Users\Saman\AppData\Roaming\Eset.exe
    File: C:\Users\Saman\AppData\Roaming\Eset.exe
    
    HKLM-x32\...\Run: [] => [X]
    Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
    FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
    Task: {328D09C0-19D1-47CA-BE7A-88B95817D6E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {9A69A0A7-EF95-40AE-B313-ED731580EAED} - System32\Tasks\Adobe Acrobat Update Task
    Task: {9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE} - \Links Attachment to PDF -> No File <==== ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
    BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
    BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
    Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No File
    Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} -  No File
    FF NewTabOverride: Mozilla\Firefox\Profiles\84z2v3mo.default -> Enabled: mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
    S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
    S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
    2019-05-06 21:08 - 2019-05-06 21:08 - 000000000 _____ C:\WINDOWS\invcol.tmp
    1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Saman\MUIvPRYe.exe
    1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\JUAOXWaIOHlKi.exe
    1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\SizEFAyRC.exe
    1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
    1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\qbPihieEoD.exe
    2019-01-02 12:42 - 2019-01-02 12:42 - 000178176 _RSHC () C:\Users\Saman\AppData\Roaming\Eset.exe
    1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Local\EOZgJM.exe
    C:\Users\Saman\AppData\Roaming\*.tmp
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    HKLM\...\StartupApproved\Run: => "rundll32"
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#8 Příspěvek od Gaganusin »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-05.2019
Ran by Saman (09-05-2019 21:30:57) Run:1
Running from C:\Users\Saman\Desktop
Loaded Profiles: defaultuser0 & Saman & Účetní (Available Profiles: defaultuser0 & Saman & Účetní)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Saman\MUIvPRYe.exe
File: C:\Program Files (x86)\JUAOXWaIOHlKi.exe
File: C:\Program Files (x86)\SizEFAyRC.exe
File: C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
File: C:\Program Files (x86)\Common Files\qbPihieEoD.exe
File: C:\Users\Saman\AppData\Roaming\Eset.exe
File: C:\Users\Saman\AppData\Roaming\Eset.exe

HKLM-x32\...\Run: [] => [X]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {328D09C0-19D1-47CA-BE7A-88B95817D6E2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9A69A0A7-EF95-40AE-B313-ED731580EAED} - System32\Tasks\Adobe Acrobat Update Task
Task: {9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE} - \Links Attachment to PDF -> No File <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> No File
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - No File
FF NewTabOverride: Mozilla\Firefox\Profiles\84z2v3mo.default -> Enabled: mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
S2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
2019-05-06 21:08 - 2019-05-06 21:08 - 000000000 _____ C:\WINDOWS\invcol.tmp
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Users\Saman\MUIvPRYe.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\JUAOXWaIOHlKi.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____N (Microsoft Corporation) C:\Program Files (x86)\SizEFAyRC.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000178688 ____N (Microsoft Corporation) C:\Program Files (x86)\Common Files\qbPihieEoD.exe
2019-01-02 12:42 - 2019-01-02 12:42 - 000178176 _RSHC () C:\Users\Saman\AppData\Roaming\Eset.exe
1601-01-03 21:33 - 1601-01-03 21:33 - 000059904 ____C (Microsoft Corporation) C:\Users\Saman\AppData\Local\EOZgJM.exe
C:\Users\Saman\AppData\Roaming\*.tmp
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\...\StartupApproved\Run: => "rundll32"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 23676
Average :
Sum : 29536046661
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Users\Saman\MUIvPRYe.exe ========================

C:\Users\Saman\MUIvPRYe.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0015~31bf3856ad364e35~amd64~~10.0.17134.1.cat
File is digitally signed
MD5: 12C17B5A5C2A7B97342C362CA467E9A2
Creation and modification date: 1601-01-03 21:33 - 1601-01-03 21:33
Size: 000059904
Attributes: ----N
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: msiexec
Original Name: msiexec.exe
Product: Windows Installer - Unicode
Description: Windows® installer
File Version: 5.0.17134.1 (WinBuild.160101.0800)
Product Version: 5.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b656b13 ... 557366210/

====== End of File: ======


========================= File: C:\Program Files (x86)\JUAOXWaIOHlKi.exe ========================

C:\Program Files (x86)\JUAOXWaIOHlKi.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0015~31bf3856ad364e35~amd64~~10.0.17134.1.cat
File is digitally signed
MD5: 12C17B5A5C2A7B97342C362CA467E9A2
Creation and modification date: 1601-01-03 21:33 - 1601-01-03 21:33
Size: 000059904
Attributes: ----N
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: msiexec
Original Name: msiexec.exe
Product: Windows Installer - Unicode
Description: Windows® installer
File Version: 5.0.17134.1 (WinBuild.160101.0800)
Product Version: 5.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b656b13 ... 557366210/

====== End of File: ======


========================= File: C:\Program Files (x86)\SizEFAyRC.exe ========================

C:\Program Files (x86)\SizEFAyRC.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0015~31bf3856ad364e35~amd64~~10.0.17134.1.cat
File is digitally signed
MD5: 12C17B5A5C2A7B97342C362CA467E9A2
Creation and modification date: 1601-01-03 21:33 - 1601-01-03 21:33
Size: 000059904
Attributes: ----N
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: msiexec
Original Name: msiexec.exe
Product: Windows Installer - Unicode
Description: Windows® installer
File Version: 5.0.17134.1 (WinBuild.160101.0800)
Product Version: 5.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b656b13 ... 557366210/

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe ========================

C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat
File is digitally signed
MD5: D09F4A346B2289629649A89AA050AB4B
Creation and modification date: 1601-01-03 21:33 - 1601-01-03 21:33
Size: 000178688
Attributes: ----N
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: bitsadmin.exe
Original Name: bitsadmin.exe
Product: Microsoft® Windows® Operating System
Description: BITS administration utility
File Version: 7.8.17134.1 (WinBuild.160101.0800)
Product Version: 7.8.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/ffabee8 ... 555792192/

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\qbPihieEoD.exe ========================

C:\Program Files (x86)\Common Files\qbPihieEoD.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0011~31bf3856ad364e35~amd64~~10.0.17134.1.cat
File is digitally signed
MD5: D09F4A346B2289629649A89AA050AB4B
Creation and modification date: 1601-01-03 21:33 - 1601-01-03 21:33
Size: 000178688
Attributes: ----N
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: bitsadmin.exe
Original Name: bitsadmin.exe
Product: Microsoft® Windows® Operating System
Description: BITS administration utility
File Version: 7.8.17134.1 (WinBuild.160101.0800)
Product Version: 7.8.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\Saman\AppData\Roaming\Eset.exe ========================

C:\Users\Saman\AppData\Roaming\Eset.exe
File not signed
MD5: 2156F45B5F331A479FAB2A67DE932E9B
Creation and modification date: 2019-01-02 12:42 - 2019-01-02 12:42
Size: 000178176
Attributes: RASHC
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\Saman\AppData\Roaming\Eset.exe ========================

C:\Users\Saman\AppData\Roaming\Eset.exe
File not signed
MD5: 2156F45B5F331A479FAB2A67DE932E9B
Creation and modification date: 2019-01-02 12:42 - 2019-01-02 12:42
Size: 000178176
Attributes: RASHC
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{328D09C0-19D1-47CA-BE7A-88B95817D6E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{328D09C0-19D1-47CA-BE7A-88B95817D6E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A69A0A7-EF95-40AE-B313-ED731580EAED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A69A0A7-EF95-40AE-B313-ED731580EAED}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FDAEB5A-88F8-49C4-824C-B79B3AA4A1EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Links Attachment to PDF" => not found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => removed successfully
HKLM\Software\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0F4B8786-5502-4803-8EBC-F652A1153BB6} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
HKLM\Software\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} => removed successfully
"Firefox NewTabOverride (mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233) " => removed successfully
HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect => removed successfully
HKLM\System\CurrentControlSet\Services\SpyEmrgHealth => removed successfully
SpyEmrgHealth => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
C:\WINDOWS\invcol.tmp => moved successfully
C:\Users\Saman\MUIvPRYe.exe => moved successfully
C:\Program Files (x86)\JUAOXWaIOHlKi.exe => moved successfully
C:\Program Files (x86)\SizEFAyRC.exe => moved successfully
C:\Program Files (x86)\Common Files\iEYSvEMCaG.exe => moved successfully
C:\Program Files (x86)\Common Files\qbPihieEoD.exe => moved successfully
C:\Users\Saman\AppData\Roaming\Eset.exe => moved successfully
C:\Users\Saman\AppData\Local\EOZgJM.exe => moved successfully

=========== "C:\Users\Saman\AppData\Roaming\*.tmp" ==========

C:\Users\Saman\AppData\Roaming\trz54EE.tmp => moved successfully
C:\Users\Saman\AppData\Roaming\trz55DA.tmp => moved successfully
C:\Users\Saman\AppData\Roaming\trz7684.tmp => moved successfully
C:\Users\Saman\AppData\Roaming\unp143388093.tmp => moved successfully

========= End -> "C:\Users\Saman\AppData\Roaming\*.tmp" ========

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\rundll32" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\rundll32" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 163919547 B
Java, Flash, Steam htmlcache => 1271 B
Windows/system/drivers => 13310658 B
Edge => 1472153 B
Chrome => 0 B
Firefox => 26418505 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 5063164 B
systemprofile32 => 0 B
LocalService => 6656 B
LocalService => 0 B
NetworkService => 6656 B
NetworkService => 0 B
defaultuser0 => 6656 B
Saman => 43723054 B
Účetní => 276980 B

RecycleBin => 3363 B
EmptyTemp: => 253 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:31:48 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#9 Příspěvek od Conder »

:arrow: Plocha ma cca 26 GB, co je prilis vela. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#10 Příspěvek od Gaganusin »

Ahoj, je to podstatně lepší. Nicméně PUP Optimal Legacy zůstvává, tedy nevím co to je, ale asi to nepotřebuju bych řekl. Přidávám výpis z Adw Cleanru. A děkuji za pomoc.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-09-2019
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Not Deleted suggestqueries.google.com


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3040 octets] - [06/05/2019 23:04:44]
AdwCleaner[C00].txt - [2802 octets] - [06/05/2019 23:05:34]
AdwCleaner[S01].txt - [1397 octets] - [06/05/2019 23:15:42]
AdwCleaner[C01].txt - [1563 octets] - [06/05/2019 23:17:25]
AdwCleaner[S02].txt - [1519 octets] - [07/05/2019 00:19:19]
AdwCleaner[C02].txt - [1685 octets] - [07/05/2019 00:19:42]
AdwCleaner[S03].txt - [1641 octets] - [07/05/2019 00:22:00]
AdwCleaner[S04].txt - [1702 octets] - [07/05/2019 11:52:18]
AdwCleaner[S05].txt - [1763 octets] - [08/05/2019 20:51:58]
AdwCleaner[S06].txt - [1824 octets] - [09/05/2019 21:37:42]
AdwCleaner[S07].txt - [1885 octets] - [09/05/2019 22:06:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C07].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#11 Příspěvek od Conder »

:arrow: Poprosim aj o log C:\AdwCleaner\AdwCleaner[S07].txt

:arrow: Kazdopadne toto by som ako problem nevidel, jedna sa o URL google.com, cize zrejme je to falosna detekcia AdwCleaneru.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#12 Příspěvek od Gaganusin »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-09-2019
# Duration: 00:00:13
# OS: Windows 10 Home
# Scanned: 27335
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Optional.Legacy suggestqueries.google.com


AdwCleaner[S00].txt - [3040 octets] - [06/05/2019 23:04:44]
AdwCleaner[C00].txt - [2802 octets] - [06/05/2019 23:05:34]
AdwCleaner[S01].txt - [1397 octets] - [06/05/2019 23:15:42]
AdwCleaner[C01].txt - [1563 octets] - [06/05/2019 23:17:25]
AdwCleaner[S02].txt - [1519 octets] - [07/05/2019 00:19:19]
AdwCleaner[C02].txt - [1685 octets] - [07/05/2019 00:19:42]
AdwCleaner[S03].txt - [1641 octets] - [07/05/2019 00:22:00]
AdwCleaner[S04].txt - [1702 octets] - [07/05/2019 11:52:18]
AdwCleaner[S05].txt - [1763 octets] - [08/05/2019 20:51:58]
AdwCleaner[S06].txt - [1824 octets] - [09/05/2019 21:37:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S07].txt ##########

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#13 Příspěvek od Gaganusin »

OKS, děkuji.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosba o kontrolu logu

#14 Příspěvek od Conder »

:arrow: Tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Gaganusin
Návštěvník
Návštěvník
Příspěvky: 9
Registrován: 06 kvě 2019 20:23

Re: Prosba o kontrolu logu

#15 Příspěvek od Gaganusin »

Děkuji.

Odpovědět