Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

podivné cmd okno při startu počítače

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Tomshon
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 06 črc 2006 20:32
Kontaktovat uživatele:

podivné cmd okno při startu počítače

#1 Příspěvek od Tomshon »

Dobrý večer,
dostal jsem za úkol opravit jeden počítač. Nechtěl bootovat (stačilo přehodit pořadí bootování), ale při startu, hned po přihlášení, otevřel několik cmd oken, které vedly na na proces ss.exe, který "bydlí" jako hidden file v AppData/roaming. Podle vlastností je to visual basic skript, ale nezkoušel jsem ten exe rozbalit/dekompilovat, neb to zatím neumím.

Na stroji je AVG, nedetekuje žádný problém, pak nějaký mcAffee launcher, který vypadá, že ani nic nedetekuje, jen nabízí koupi mcaffeeho a pak jsem stáhl esetí online test, který už běží půl věčnosti. Tak jsem udělal FRST logy a snažně vás prosím o kontrolu a radu, co s tím. Smazat proces samozřejmě půjde, ale tipuju, že bude mít nějaké háčky ještě někde.¨

Protože jsem tipoval makrovirus, koukal jsem do normal.dot, zda není v makrech, a do excelu, zda není v addons, vypadá, že není.

Díky za pomoc!


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-05-2019
Ran by oem (16-05-2019 22:20:51)
Running from C:\Users\oem\Desktop
Microsoft Windows 10 Pro Version 1709 16299.1029 (X86) (2017-12-21 08:33:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2302488526-1930153894-2140200091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2302488526-1930153894-2140200091-503 - Limited - Disabled)
Guest (S-1-5-21-2302488526-1930153894-2140200091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2302488526-1930153894-2140200091-1006 - Limited - Enabled)
oem (S-1-5-21-2302488526-1930153894-2140200091-1000 - Administrator - Enabled) => C:\Users\oem
WDAGUtilityAccount (S-1-5-21-2302488526-1930153894-2140200091-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 15.14 (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMP WinOFF 5.0.1 (HKLM\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 19.4.3089 - AVG Technologies)
AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 1.1.0.0 - Solvusoft Corporation)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Support Solutions Framework (HKLM\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.10.49.21 - Hewlett-Packard Company)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1019.1 - McAfee, Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
O2 (HKLM\...\O2CZ) (Version: - O2)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.7 - VS Revo Group, Ltd.)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Tinypic 3.16 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.16 - E. Fiedler)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UpdateAssistant (HKLM\...\{D66FEADA-C0EB-446E-955B-77E60B1FD5A1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 7 Codec Pack 2.5.0 (HKLM\...\Windows 7 - Codec Pack) (Version: - Windows 7 Codec Pack)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - )
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zoner Photo Studio 9 (HKLM\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)

Packages:
=========
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-19] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x86__8wekyb3d8bbwe [2018-09-10] (Microsoft Corporation)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x86__8wekyb3d8bbwe [2015-11-19] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZipper] -> {4F622628-7632-4B28-B184-D7BA0CA3273B} => C:\Program Files\WinZipper\eshellctx.dll -> No File
ContextMenuHandlers1: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-09-24] (ZONER software) [File not signed]
ContextMenuHandlers2: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-09-24] (ZONER software) [File not signed]
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinZipper] -> {4F622628-7632-4B28-B184-D7BA0CA3273B} => C:\Program Files\WinZipper\eshellctx.dll -> No File
ContextMenuHandlers4: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-09-24] (ZONER software) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZipper] -> {4F622628-7632-4B28-B184-D7BA0CA3273B} => C:\Program Files\WinZipper\eshellctx.dll -> No File
ContextMenuHandlers6: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 9\Program\SHELLEXT9.DLL [2006-09-24] (ZONER software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-03-03 02:00 - 2010-03-03 02:00 - 003672064 _____ () [File not signed] C:\Windows\system32\ffdshow.ax
2009-11-14 20:11 - 2009-11-14 20:11 - 000024576 _____ () [File not signed] C:\Windows\system32\mkunicode.dll
2009-11-14 20:11 - 2009-11-14 20:11 - 000150016 _____ () [File not signed] C:\Windows\system32\mkx.dll
2009-11-14 20:11 - 2009-11-14 20:11 - 000080384 _____ () [File not signed] C:\Windows\system32\mkzlib.dll
2009-11-14 20:11 - 2009-11-14 20:11 - 000141824 _____ () [File not signed] C:\Windows\system32\mp4.dll
2009-11-14 20:12 - 2009-11-14 20:12 - 000550400 _____ () [File not signed] C:\Windows\system32\splitter.ax
2010-11-02 12:11 - 2010-11-02 12:11 - 001069568 _____ (ATLAS consulting, spol. s r.o.) [File not signed] C:\Program Files\ATLAS consulting\RegServer\RegSrv.exe
2009-07-14 02:58 - 2009-07-14 03:15 - 000217600 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2011-12-07 18:53 - 2009-07-14 03:15 - 000071168 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\W32X86\CNBPP4.DLL
2009-11-14 02:47 - 2009-11-14 02:47 - 000999424 _____ (DivX, Inc.) [File not signed] C:\Windows\system32\divxdec.ax
2009-11-14 02:47 - 2009-11-14 02:47 - 000629760 _____ (DivX, Inc.) [File not signed] C:\Windows\system32\DivXDecH264.ax
2019-05-16 20:34 - 2019-05-16 20:34 - 001121280 _____ (ESET) [File not signed] C:\Users\oem\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2008-08-27 00:11 - 2008-08-27 00:11 - 000987136 _____ (Gabest) [File not signed] C:\Windows\system32\VSFilter.dll
2016-02-09 12:04 - 2015-12-31 16:25 - 000049664 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-12-21 10:20 - 2017-12-21 10:20 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2017-12-21 10:07 - 2016-11-14 11:45 - 001220424 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:D4D38596 [248]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2019-05-16 20:30 - 000004301 _____ C:\WINDOWS\system32\drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

There are 79 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\oem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.0.138 - 8.8.4.4
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9CE5B450-0160-4FC5-9633-663EF0A1CF99}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe No File
FirewallRules: [{18FD551C-BBDE-474D-8095-02C8CE6F40E5}] => (Allow) C:\Program Files\AVG\Av\avgmfapx.exe No File
FirewallRules: [{C96F3609-747A-4879-BB98-B33CC4B1E9ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5711D801-2EBD-4908-BCE4-D2C44F6EE873}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7E8484C-77DD-4EE9-9490-025DCC62A8A9}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{FA304DBC-7E8A-4F20-8F90-768344BDD83D}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [TCP Query User{E80F5D2B-29DD-4A0C-B5BF-85DD9A5486CF}C:\program files\teamspeak2_rc2\server_windows.exe] => (Allow) C:\program files\teamspeak2_rc2\server_windows.exe No File
FirewallRules: [UDP Query User{85B46DC9-68E3-4E9A-B828-C0A53E815050}C:\program files\teamspeak2_rc2\server_windows.exe] => (Allow) C:\program files\teamspeak2_rc2\server_windows.exe No File
FirewallRules: [{CBE1743C-5BF7-4DE2-87B2-CBDAF5B81F96}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B0D9E27-307A-43E7-AD83-AB62D345E81B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2039B8F-445F-483D-98DB-92E55ACE9C82}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{1B65790A-35C5-4FD5-B887-21987522EA41}] => (Allow) C:\Windows\System32\spool\drivers\w32x86\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{CAEA6128-4AF3-44C7-BEC1-6C4ECA3CF407}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe No File
FirewallRules: [{83A30197-7E5E-4598-9C7C-BB4886F47C70}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe No File
FirewallRules: [{768EC085-14B6-47D9-8D97-D905D9BEDC03}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF5359DF-617F-4589-8025-40A0D2216A90}] => (Allow) LPort=12343
FirewallRules: [{3CE53E13-6E85-4319-A5D8-6490A3591E11}] => (Allow) LPort=12381
FirewallRules: [{D970B800-A70A-40BE-988C-92F45E25D4B2}] => (Allow) LPort=12343
FirewallRules: [{0163BDDA-6C62-47B2-8CC7-9253E1BDF579}] => (Allow) LPort=12381
FirewallRules: [{92F13B23-1DBA-45A3-8084-0AC8FBFAB590}] => (Allow) C:\Users\oem\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{96CE18FE-AB18-48DF-8DA1-6EC6486B883E}] => (Allow) C:\Users\oem\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent Inc.) [File not signed]
FirewallRules: [{FA932AEA-5AEC-48FB-B473-C2AA5721A2AF}] => (Allow) LPort=12343
FirewallRules: [{01056937-F90E-437E-9DFD-FE3DEACADB28}] => (Allow) LPort=12381
FirewallRules: [{B673F769-3340-4C36-B22C-6E0D0B32B45C}] => (Allow) C:\Users\oem\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C1C4CF55-0765-48C0-880F-D605F85A4A2D}] => (Allow) C:\Users\oem\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DFD2AD5A-07E6-47B8-805A-E5295CB6C5AF}] => (Allow) LPort=12343
FirewallRules: [{D239A862-7B5D-4612-968D-824F24992E7D}] => (Allow) LPort=12381
FirewallRules: [{25596415-2827-452F-8C6E-5CE8EE94FF54}] => (Allow) LPort=12343
FirewallRules: [{20446DF3-2DBE-46B4-8F81-E3CD3C1A024D}] => (Allow) LPort=12381
FirewallRules: [{1E4A21A0-A151-4D3E-BCEE-B299062E6601}] => (Allow) LPort=12343
FirewallRules: [{B9500F46-72BE-41A2-B6A4-392ABABBD511}] => (Allow) LPort=12381
FirewallRules: [TCP Query User{5CE009D2-6825-4DA2-B980-EA0D4A770B36}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{83B022C6-AA61-4148-9D46-77A51373EFDD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe No File
FirewallRules: [{F5C052C1-13B4-4534-87CB-17DB55C1E0F1}] => (Allow) LPort=12343
FirewallRules: [{6891952D-E094-4B87-8585-1F6FEF38B858}] => (Allow) LPort=12381
FirewallRules: [{69060CEA-3282-4F28-86FC-C38CD2230A4A}] => (Allow) LPort=12343
FirewallRules: [{135323B6-4949-4389-BEAF-CC2507631A29}] => (Allow) LPort=12381
FirewallRules: [{F678FB3F-7D07-4BD0-B66F-7E5B8906426A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6D893617-907F-4AAD-9BE1-7BF7242700B8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{14BE5013-2D25-49F9-8606-E610E9BAF167}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A85B89CB-0600-46CE-A390-A5F914A4C6B9}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{99C49B2A-2B0B-43B9-8B4F-BD16544AAF81}F:\setup.exe] => (Allow) F:\setup.exe No File
FirewallRules: [UDP Query User{95CBD31C-799D-4165-960E-CED58479099A}F:\setup.exe] => (Allow) F:\setup.exe No File
FirewallRules: [{12E7370F-8C4C-4FB7-AF3A-3419AFC62729}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
StandardProfile\AuthorizedApplications: [C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\Users\oem\AppData\Roaming\SS.exe] => Enabled:Windows Messanger

==================== Restore Points =========================

23-04-2019 14:25:59 Naplánovaný kontrolní bod
02-05-2019 10:00:04 Windows Update
06-05-2019 10:11:11 Windows Update
09-05-2019 14:13:04 Windows Update
14-05-2019 08:11:22 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2019 12:44:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (05/15/2019 11:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15454

Error: (05/15/2019 11:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15454

Error: (05/15/2019 11:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2019 04:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31562

Error: (05/14/2019 04:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31562

Error: (05/14/2019 04:03:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/14/2019 04:03:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609


System errors:
=============
Error: (05/16/2019 08:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/16/2019 08:37:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


CodeIntegrity:
===================================

Date: 2019-05-16 22:19:33.135
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:19:33.133
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:19:33.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:19:33.119
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:19:33.109
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:19:33.106
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:16:20.402
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-16 22:16:20.400
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.6 01/06/2010
Motherboard: MSI P55-CD53 (MS-7586)
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 77%
Total physical RAM: 3319.11 MB
Available physical RAM: 762.54 MB
Total Virtual: 7415.11 MB
Available Virtual: 3125.75 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:595.63 GB) (Free:458.1 GB) NTFS
Drive d: (PHOTOS) (Fixed) (Total:312.97 GB) (Free:312.69 GB) NTFS
Drive e: (BACKUP) (Fixed) (Total:283.2 GB) (Free:282.61 GB) NTFS

\\?\Volume{dcb5439f-4bb3-11df-be68-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f47024c8-0000-0000-0000-d0ee94000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: F47024C8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=595.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 45124511)
Partition 1: (Active) - (Size=313 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=283.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================





Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-05-2019
Ran by oem (administrator) on ICORE (MSI MS-7586) (16-05-2019 22:13:28)
Running from C:\Users\oem\Desktop
Loaded Profiles: oem (Available Profiles: oem)
Platform: Microsoft Windows 10 Pro Version 1709 16299.1029 (X86) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ATLAS consulting, spol. s r.o.) [File not signed] C:\Program Files\ATLAS consulting\RegServer\RegSrv.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\CefHost.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\CefHost.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o. -> ) C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo.exe
(ESET, spol. s r.o. -> ESET spol. s r.o.) C:\Users\oem\Downloads\esetonlinescanner_csy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\06ca011e35448b9bb8801815685193cc\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PickerHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [488344 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2187336 2018-01-03] (AVG Technologies CZ, s.r.o. -> )
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [273328 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\Run: [Windows Updater] => C:\Users\oem\AppData\Roaming\SS.exe [1169224 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: G - "G:\AutoRun.exe"
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: {908062c9-3388-11e9-a0ba-406186c0da4e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\...\MountPoints2: {9339a6f7-04ed-11e9-a0b9-406186c0da4e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [28672 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\system32\divx.dll [696320 2009-11-14] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\system32\divx.dll [696320 2009-11-14] (DivX, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\system32\xvidvfw.dll [180224 2009-06-07] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [85504 2010-03-03] () [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\LameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\system32\lhacm.acm [34064 2010-10-23] (Microsoft Corporation) [File not signed]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb [2018-06-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-02] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2019-05-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1019\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2014-12-01]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0435EEB5-6F4F-4AB8-B104-FD6DDCF5F4E8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1005F120-C2B4-485F-8AB3-EEFCD84713F9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {13873A68-0EDD-48A5-9BDC-14E4437D98C6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {17D74F21-3A68-4872-80DE-46C09097D90E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {26A840EA-8779-4769-966F-E6D9CF6C9B53} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [1452600 2019-04-15] (Adobe Inc. -> Adobe)
Task: {2946701E-00A2-405E-A025-10FA13D3EFC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {29D80DDA-2827-48E5-BC5E-DE5156729896} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {31102998-DD02-4BFB-944F-A7E65FC3166C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3137F8E6-2839-49F0-80F3-9C34083012BA} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33609921-108B-4FB1-976A-50C7EF7ADA8D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3D070303-1AAB-4BEE-BB0C-CDE1E3102B4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [652664 2019-04-17] (HP Inc. -> HP Inc.)
Task: {41BC3682-FC43-4111-8A7B-15D2BBEE2064} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {41C5BEAE-1EBF-4A66-9EEE-90B94F2490F7} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46B429CF-5B7B-4528-8E9D-2AAD976F8C67} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48E3A15D-415C-4A79-BDC2-4F7436D2C942} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {5890F46B-80E2-466C-B0F5-EFECA785B633} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {58B5E360-30EA-4877-BCB8-9FD96C543707} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5C6F8FF7-5D99-48CE-BC93-DF9B73EBC3AC} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe
Task: {67EDA820-A552-47E4-BE38-0034A14AA803} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6904632E-F39A-4B89-8194-735D874F0987} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {700B5D4C-C336-4E0A-BB99-8954F8474D19} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70B0FD7B-EF07-4A92-BBD5-DA1AEDD852F9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {72E68151-8CAC-4D1C-8DA4-D45506182346} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8A70CAF0-B62C-493B-B3E7-68CDF8355437} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A7AC7ED-C96F-4822-B341-7C3193E2CE42} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8AAB2FE5-AF48-4EC1-8A0D-D110A30D92D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8F16C8B8-12CB-4834-8FBA-5B2F9F37328C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-16] (Adobe Inc. -> Adobe)
Task: {90571447-6C90-45BF-A8EB-803B61904694} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {93768DE9-5686-469B-A0A3-78369C609060} - System32\Tasks\S-1-5-21-2302488526-1930153894-2140200091-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [103424 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
Task: {965392D8-6FC0-441E-AE50-2339FC869C52} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A69E9C8C-2CF6-45AD-B192-AAEFF80E1368} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A9DBAA74-C2ED-450B-B861-87F75926F04B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AFE11930-D5E6-4E15-8098-E4B28763441C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B6217CCE-505A-4A9A-AE1D-A46E4FEDE533} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B67BED8E-C2B5-4734-8CB7-F87D15212AB6} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1983376 2019-04-08] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {B7222D0C-169D-4794-851B-A790115789FF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B7822517-000C-4729-8EEB-74E78374266A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BD02B9EE-97D3-4EF8-B98A-3EE8ABCD8C7C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3DADD13-D345-4831-9C79-BE33808656F1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C907790D-404F-4CD5-B540-68E2462955A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {CFB539F0-5CF2-47BA-8C45-0D50F75887C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {D260E6FB-01E9-4822-BCEE-D5C18800CF93} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
Task: {D6B01768-7D0A-4776-9351-80ED8E3B3771} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E1F8771E-CC01-4305-85E4-10A6335F4609} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E97DA310-7B3F-4206-83A4-9B32D3152FD4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [129361720 2019-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F23C690D-9B19-4F62-BD94-5C8DA9315DDA} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2432944 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {F329B91C-9E8C-45EE-ADF0-0B6120C65ED5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-16] (Adobe Inc. -> Adobe)
Task: {F615CB1C-AE27-4BCD-8970-C96720EF933B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {F97EC727-E419-4DA0-8064-E34022D27DB1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FE960905-09F5-4F78-BB7A-723B8D70C7F5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 8.8.4.4 212.158.128.2
Tcpip\..\Interfaces\{025d5e3d-ffbc-43f9-98c8-19c2a10b0ef3}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5047f852-12bb-485e-bb07-e99c80b32b40}: [DhcpNameServer] 10.0.0.138 8.8.4.4 212.158.128.2
Tcpip\..\Interfaces\{a0d62480-197c-4a9a-b090-a2af7207d99b}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BD27F959-7303-4C49-94CB-DDF805D54BC7}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{da3ecdef-b40a-45c4-9494-ab8c150aa65c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fbae6ba2-f87f-4090-b584-7a9703290893}: [DhcpNameServer] 81.91.208.2 81.91.209.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131521904683928242&GUID=2E788215-178C-4C84-AAFB-D9FBADD71D71
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=m ... 4tdo3z1o8z
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130880242427477700&GUID=00000000-0000-0000-0000-000000000000
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=m ... 4tdo3z1o8z
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.v9.com?type=hp&ts=1439792420&from=m ... 4tdo3z1o8z
URLSearchHook: HKLM - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... &pc=MSERT1
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... &pc=MSERT1
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... &pc=MSERT1
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKF9BG1-E8LXU36OEI7dum0N5xfr-SfmEnOcOTNQ3eqfIKPSmnX3QaluxQTq4zVE7kJjRaD85t3oMq66jPnHA5I0StY6XfaEDBjI4ce02tHy8FZR3hslXpGPWz4auTUAXHzMwVKJ3q9WyA,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... &pc=MSERT1
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1444634722&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5E927E8F-5FA8-47B2-A530-3875A24CC22F}&mid=1470f73081ce47cc83d29128c02433bd-b28529595758f60b2244ddbe41593d6c36d592b8&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0817tb&pr=fr&d=2015-11-20 19:39:25&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: No Name -> {1F91A9A1-01BA-4c81-863D-3BA0751E1419} -> No File
BHO: No Name -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {7F6AFBF1-E065-4627-A2FD-810366367D01} -> No File
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll [2018-01-03] (AVG Technologies CZ, s.r.o. -> AVG)
BHO: No Name -> {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - No Name - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2302488526-1930153894-2140200091-1000 -> hxxp://www.seznam.cz/

FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default [2017-08-23]
FF Homepage: Mozilla\Firefox\Profiles\k3yehuer.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\k3yehuer.default -> chrome://quick_start/content/index.html
FF Extension: (Default SearchProtected ) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\Extensions\defsearchp@gmail.com.xpi [2015-07-17] [Legacy] [not signed]
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\searchplugins\delta-homes.xml [2015-11-20]
FF SearchPlugin: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\searchplugins\mystartsearch.xml [2015-07-16]
FF HKLM\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\searchffv2@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\sweetsearch@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\default_newtabff@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\k3yehuer.default\extensions\defsearchp@gmail.com => not found
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-16] (Adobe Inc. -> )
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> mysearch.avg.com
CHR DefaultSearchURL: Profile 1 -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2019-05-16]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-25]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-25]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-25]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-25]
CHR Extension: (AVG Secure Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-09-25]
CHR Extension: (Adobe Acrobat) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-09-25]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-25]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-25]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-25]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-16]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-30]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-21]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-21]
CHR Extension: (AVG Secure Search) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-08-21]
CHR Extension: (Adobe Acrobat) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-16]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-30]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKU\S-1-5-21-2302488526-1930153894-2140200091-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtlasRegServer; C:\Program Files\ATLAS consulting\RegServer\RegSrv.exe [1069568 2010-11-02] (ATLAS consulting, spol. s r.o.) [File not signed]
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [316824 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5446808 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110048 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1019\McCHSvc.exe [325408 2019-04-24] (McAfee, Inc. -> McAfee, Inc.)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] (CyberLink -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2891880 2019-02-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [279408 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [88072 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [981576 2018-01-03] (AVG Technologies CZ, s.r.o. -> )

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [34744 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [172472 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [220472 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [158584 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgblog.sys [255200 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [51320 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [14768 2019-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [40736 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [138320 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [101032 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [72848 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [783072 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [403432 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [165304 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [312512 2019-04-25] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-11-09] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [205800 2015-09-23] (ESET, spol. s r.o. -> ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [145512 2015-09-23] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\DRIVERS\ekbdflt.sys [111040 2015-10-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [161992 2015-09-23] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44608 2015-09-23] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [56944 2015-09-23] (ESET, spol. s r.o. -> ESET)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [102912 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [101120 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [746752 2017-01-23] (Realtek Semiconductor Corp -> Realtek )
R1 tidnet; C:\WINDOWS\system32\DRIVERS\tidnet.sys [19200 2009-09-15] (Telefónica I+D) [File not signed]
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15360 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37440 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [253848 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98200 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [186880 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:13 - 2019-05-16 22:19 - 000043666 _____ C:\Users\oem\Desktop\FRST.txt
2019-05-16 22:13 - 2019-05-16 22:13 - 000000000 ____D C:\FRST
2019-05-16 22:11 - 2019-05-16 22:12 - 001793536 _____ (Farbar) C:\Users\oem\Desktop\FRST.exe
2019-05-16 22:05 - 2019-05-16 22:06 - 002434560 _____ (Farbar) C:\Users\oem\Desktop\FRST64.exe
2019-05-16 20:33 - 2019-05-16 20:33 - 007659128 _____ (ESET spol. s r.o.) C:\Users\oem\Downloads\esetonlinescanner_csy.exe
2019-05-16 20:30 - 2019-05-16 20:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2019-05-16 20:29 - 2019-05-16 20:31 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-05-16 20:18 - 2019-05-16 20:18 - 458825508 _____ C:\WINDOWS\MEMORY.DMP
2019-05-16 20:18 - 2019-05-16 20:18 - 000000000 _____ C:\WINDOWS\Minidump\051619-46562-01.dmp
2019-05-16 15:05 - 2019-05-16 15:06 - 001962947 _____ C:\Users\oem\Desktop\SKMBT_C36019051612310.pdf
2019-05-16 15:04 - 2019-05-16 15:05 - 000965835 _____ C:\Users\oem\Desktop\SKMBT_C36019051612300.pdf
2019-05-16 15:03 - 2019-05-16 15:04 - 001800070 _____ C:\Users\oem\Desktop\SKMBT_C36019051612290.pdf
2019-05-16 15:01 - 2019-05-16 15:01 - 005074096 _____ C:\Users\oem\Desktop\SKMBT_C36019051612270.pdf
2019-05-16 10:54 - 2019-05-16 10:54 - 000038719 _____ C:\Users\oem\Downloads\1541 potvrzení o úhradě.pdf
2019-05-16 09:07 - 2019-05-16 09:07 - 000178689 _____ C:\Users\oem\Downloads\hlasování per rollam.pdf
2019-05-14 15:40 - 2019-05-14 15:40 - 000037844 _____ C:\Users\oem\Downloads\1547.pdf
2019-05-14 08:03 - 2019-05-14 08:03 - 000038595 _____ C:\Users\oem\Downloads\1544 KC1.pdf
2019-05-14 08:01 - 2019-05-14 08:02 - 000038072 _____ C:\Users\oem\Downloads\1546.pdf
2019-05-14 08:01 - 2019-05-14 08:02 - 000038072 _____ C:\Users\oem\Downloads\1546 (1).pdf
2019-05-13 11:10 - 2019-05-13 11:10 - 000391062 _____ C:\Users\oem\Downloads\Černušák (2).pdf
2019-05-13 11:10 - 2019-05-13 11:10 - 000390879 _____ C:\Users\oem\Downloads\Černušák (1).pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390879 _____ C:\Users\oem\Downloads\Černušák.pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390841 _____ C:\Users\oem\Downloads\Nytra.pdf
2019-05-13 10:37 - 2019-05-13 10:37 - 000390799 _____ C:\Users\oem\Downloads\Šrůtek.pdf
2019-05-10 13:54 - 2019-05-10 13:55 - 000038016 _____ C:\Users\oem\Downloads\1545.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000038606 _____ C:\Users\oem\Downloads\1544.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000037864 _____ C:\Users\oem\Downloads\1538.pdf
2019-05-07 11:36 - 2019-05-07 11:36 - 000037814 _____ C:\Users\oem\Downloads\1543 KC.pdf
2019-05-02 13:15 - 2019-05-02 13:15 - 005222662 _____ C:\Users\oem\Downloads\1556271943-c365be22a6fb84dfb2bb48b4a3a27f48.pdf
2019-05-02 11:45 - 2019-05-02 11:45 - 000038035 _____ C:\Users\oem\Downloads\1542.pdf
2019-05-02 11:45 - 2019-05-02 11:45 - 000037801 _____ C:\Users\oem\Downloads\1543.pdf
2019-04-26 08:44 - 2019-04-26 08:44 - 000707874 _____ C:\Users\oem\Downloads\UŽIVATELSKÁ PŘÍRUČKA PRO INVESTORY.pdf
2019-04-25 08:02 - 2019-04-25 08:00 - 000311216 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2019-04-24 09:36 - 2019-04-24 09:36 - 000383966 _____ C:\Users\oem\Downloads\209_8411718709_37753B776E.pdf
2019-04-23 11:03 - 2019-04-23 11:03 - 000526321 _____ C:\Users\oem\Downloads\Domácnost VPP D 2017_02.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-16 22:15 - 2017-09-29 07:31 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-05-16 22:10 - 2017-12-21 10:13 - 000000000 ____D C:\Users\oem
2019-05-16 21:31 - 2017-02-03 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2019-05-16 21:31 - 2017-02-03 10:56 - 000000000 ____D C:\Program Files\FileViewPro
2019-05-16 20:33 - 2010-10-14 07:33 - 000000000 ____D C:\Users\oem\AppData\Local\ESET
2019-05-16 20:30 - 2019-02-18 08:57 - 000002164 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2019-05-16 20:30 - 2017-10-11 09:14 - 000000000 ____D C:\Program Files\McAfee Security Scan
2019-05-16 20:29 - 2012-11-28 18:47 - 000000000 ____D C:\ProgramData\McAfee
2019-05-16 20:18 - 2019-03-20 13:44 - 000000000 ____D C:\WINDOWS\Minidump
2019-05-16 20:18 - 2017-12-21 10:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-16 20:18 - 2017-12-21 10:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-16 20:18 - 2016-09-23 09:28 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-16 14:49 - 2018-04-12 07:31 - 000000000 ___HD C:\$WINDOWS.~BT
2019-05-16 14:49 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\Registration
2019-05-16 14:48 - 2017-12-21 10:30 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2019-05-16 14:48 - 2017-12-21 10:30 - 000011433 _____ C:\WINDOWS\diagerr.xml
2019-05-16 13:15 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2019-05-16 13:12 - 2017-12-19 10:20 - 000000000 ___DC C:\WINDOWS\Panther
2019-05-16 13:12 - 2017-09-29 13:55 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-16 13:12 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-16 12:51 - 2015-11-09 19:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-16 12:44 - 2013-08-14 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-16 12:37 - 2010-04-24 16:50 - 129361720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-16 08:00 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 13:10 - 2018-10-04 09:05 - 000000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2019-05-13 08:08 - 2016-01-05 13:59 - 000002402 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-13 08:08 - 2015-11-09 19:09 - 000000000 ___RD C:\Users\oem\OneDrive
2019-05-10 11:34 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-05-07 11:16 - 2017-09-29 13:45 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-03 07:42 - 2010-08-21 08:02 - 000000000 ____D C:\Program Files\TeamViewer
2019-05-02 08:32 - 2015-11-20 20:21 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 08:32 - 2015-11-20 20:21 - 000002243 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-25 08:03 - 2019-04-15 08:02 - 000000077 _____ C:\WINDOWS\system32\Drivers\avgSP.sys.sum
2019-04-25 08:03 - 2017-12-19 12:47 - 000403432 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2019-04-25 08:03 - 2017-12-19 12:47 - 000312512 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2019-04-25 08:02 - 2017-09-29 13:55 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-25 08:00 - 2019-01-15 08:59 - 000220472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000255200 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblog.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000158584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000051320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2019-04-25 08:00 - 2019-01-04 13:10 - 000034744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2019-04-25 08:00 - 2018-10-10 07:56 - 000040736 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000783072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000172472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000165304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000138320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000101032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2019-04-25 08:00 - 2017-12-19 12:47 - 000072848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2019-04-16 08:05 - 2017-12-21 10:08 - 002465720 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-16 08:05 - 2017-09-30 14:07 - 001065998 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-16 08:05 - 2017-09-30 14:07 - 000257800 _____ C:\WINDOWS\system32\perfc005.dat

==================== Files in the root of some directories =======

2010-10-11 18:55 - 2010-10-11 18:58 - 000000220 _____ () C:\Users\oem\AppData\Roaming\data.dat
2010-10-18 07:30 - 2010-10-18 21:47 - 000139152 _____ () C:\Users\oem\AppData\Roaming\PnkBstrK.sys
2009-07-13 22:46 - 2009-06-10 23:23 - 001169224 ____H (Microsoft Corporation) C:\Users\oem\AppData\Roaming\SS.exe
2010-11-21 21:37 - 2011-10-30 13:23 - 000000600 _____ () C:\Users\oem\AppData\Roaming\winscp.rnd
2011-01-19 19:26 - 2011-01-19 19:26 - 000000017 _____ () C:\Users\oem\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {f6f54994-e4da-11e7-a0ac-406186c0da4e}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {7cb62c7a-e625-11e7-893b-889fd9276604}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{7cb62c7b-e625-11e7-893b-889fd9276604}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale cs-CZ
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{7cb62c7b-e625-11e7-893b-889fd9276604}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \WINDOWS\system32\winload.exe
description Windows 10
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {7cb62c7a-e625-11e7-893b-889fd9276604}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {f6f54994-e4da-11e7-a0ac-406186c0da4e}
nx OptIn
bootmenupolicy Standard

Resume from Hibernate
---------------------
identifier {f6f54994-e4da-11e7-a0ac-406186c0da4e}
device partition=C:
path \WINDOWS\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
recoverysequence {7cb62c7a-e625-11e7-893b-889fd9276604}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {7cb62c7b-e625-11e7-893b-889fd9276604}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi


LastRegBack: 2019-05-06 11:20
==================== End of FRST.txt ============================
Přílohy
logy.zip
frst logy
(22.16 KiB) Staženo 65 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: podivné cmd okno při startu počítače

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Odinstaluj "McAfee Security Scan Plus", kedze je zbytocny ako pises.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět