Navazovani TLS spojeni

Zpráva

GagnerCZ · #1 Příspěvek od **GagnerCZ** » 17 pro 2019 17:40

Dobry den, nelze se mi pripojit a stranky www.atlas.cz hlasi ze navazuje tls spojeni a po chvilce vyskoci vyprsel cas spojeni.
dekuji za pomoc Zdenek

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by holan (17-12-2019 17:33:40)
Running from C:\Users\holan\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-08-22 16:17:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1020508210-677974173-4055440659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1020508210-677974173-4055440659-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1020508210-677974173-4055440659-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1020508210-677974173-4055440659-501 - Limited - Disabled)
holan (S-1-5-21-1020508210-677974173-4055440659-1001 - Administrator - Enabled) => C:\Users\holan
HomeGroupUser$ (S-1-5-21-1020508210-677974173-4055440659-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1020508210-677974173-4055440659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{2999BC6A-8EF9-2281-33EB-10FD4822078F}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CDF59444-633F-EFF0-ABBD-99DA67E04273}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{74D8A73F-E3EF-6691-4216-274658AE4349}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{9CBC649D-0452-A63D-A523-FF8DCFE4556E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{5BBA9BFD-9C57-38F7-2055-745C64CF740C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{4348DDBB-D1F4-E8B4-BCA3-03CA6E10C782}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{77AB3ADA-47D1-A1C8-C2C4-FC524D2F52DC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{34BE4C3B-E9B4-C362-4FFE-1A7B91D8AB3E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EE63D5CD-2A9D-99A4-28C3-480678FB52FC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{B310214A-F44A-762F-B2CD-C5DD7CBA5F30}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{11E71CF4-6BB7-E314-B3EE-0D4BAD949321}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A852482E-E376-B3BB-6717-8993EF74F134}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D60F3E93-72D6-ADE1-E7C1-842CD828A47A}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{6EA40B6E-0EC9-B8AE-F0A2-738AE5ADED5C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7E3CDECC-B7B2-6E53-CAE3-5F8C8565C269}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD709202-55BA-4093-C8B7-85E472690CA7}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DDC725DE-EFB4-6A2C-21BD-3F2B69E44DD9}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{97223B2C-6406-BAA1-DE99-53D0447BD7C8}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{77C4E164-2FBB-AD94-124E-DFA7846F091C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{CB8AA16C-EB11-B27E-CB0E-CE015C5F85E4}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{D4DD8F3F-3FC2-FC5B-2E4D-3C86C1B402FA}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FortiClient (HKLM\...\{C8080F10-F9D9-42C8-81AF-C6DB77E66BFD}) (Version: 5.4.3.0870 - Fortinet Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.79 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8357.5639 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{6FA09B91-5D97-45A9-95E9-50F635C98043}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.14.49.15 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Macrium Reflect Free Edition (HKLM\...\{EECDC759-7352-4869-8E68-D1C99AB5862B}) (Version: 7.2.4228 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Manager (HKLM-x32\...\{218A9668-3355-48AA-BFE5-6957CA4A5A4C}) (Version: 5.0.22.32425 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-07-09] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-15] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-05-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.0.9_x86__h6adky7gbf63m [2019-12-04] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1020508210-677974173-4055440659-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-10-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=booking&refclickid=square

==================== Loaded Modules (Whitelisted) =============

2019-12-15 17:02 - 2019-12-15 17:02 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\73d34090e18bd2a5d6ca6e9445d05751\Interop.IWshRuntimeLibrary.ni.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000548882 _____ () [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2009-10-15 17:43 - 2009-10-15 17:43 - 000240128 _____ () [File not signed] C:\Program Files (x86)\HP\HP UT LEDM\bin\LEDMMapperObjects.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000061440 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000964096 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-12-15 16:57 - 2019-12-15 16:57 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\b78bf3c49590fd80333bbb2358c330d8\BRIDGECommon.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\92d42784d24a7d8bcd50a53f81c935c5\BridgeExtension.ni.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000348160 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\ce11f736737457d8963e07d42b0de6b6\CleanStartController.ni.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2016-10-06 10:28 - 2016-10-06 10:28 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2017-03-08 15:10 - 2017-03-08 15:10 - 000145426 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiSkin.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000280082 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiTrayResc.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000061458 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\libcfg.dll
2017-03-08 15:09 - 2017-03-08 15:09 - 000433170 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sslvpnlib.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000739346 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\utilsdll.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\90ef9eec75f5c70a3eb88b1b76cbf21c\Hardcodet.Wpf.TaskbarNotification.ni.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2019-12-15 17:00 - 2019-12-15 17:00 - 000134656 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\6c7b9bac033da80dc93ba532b37b6ae8\CommonPortable.ni.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2019-12-15 17:02 - 2019-12-15 17:02 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\3e339fdd0ff8a301cca4ed76ecf8fb94\NAudio.ni.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\c9e29742d37172af77ab1897076e91ef\Newtonsoft.Json.ni.dll
2017-05-04 15:23 - 2017-05-04 15:23 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-12-15 17:01 - 2019-12-15 17:01 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\4aa22377093c96a03b2bb88f1818b1f5\log4net.ni.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\holan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a4a926d4-1a7d-454d-9a7c-372b33751412}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (disabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F9444EE4-1AD1-4A65-A1EC-0F197A5C32AA}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{25B9A532-938A-4E1E-A153-3AB58DA97C5B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{3E675955-DD28-43B5-AE99-39EF26DDB9E8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{D1222993-6A4D-49A5-BA94-EBA40C8535F6}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{7AA62530-C858-4619-A041-91AB168E4F7E}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{B4DC785A-0E29-455C-8A75-3CCCDE55711A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-12-2019 17:18:41 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2019 05:30:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4456,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/17/2019 05:23:41 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (12/17/2019 05:18:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (12/17/2019 05:18:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (12/17/2019 05:14:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3972, identifikátor PID ProfSvc: 1288.

Error: (12/17/2019 05:13:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (12/17/2019 05:04:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2032,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/17/2019 04:56:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

System errors:
=============
Error: (12/17/2019 05:24:55 PM) (Source: DCOM) (EventID: 10000) (User: HOLANOVA-NB)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/17/2019 05:21:16 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (12/17/2019 05:20:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Server byla ukončena s následující chybou:
Probíhá vypnutí systému.

Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (12/17/2019 05:20:26 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec 58FB8482AFD3. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (12/17/2019 05:20:24 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14333) (User: NT AUTHORITY)
Description: Služba WMPNetworkSvc nebyla spuštěna správně v důsledku chyby 0x8007045b. Restartujte počítač a potom se pokuste restartovat službu.

Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.

Error: (12/17/2019 05:20:23 PM) (Source: Microsoft-Windows-WMPNSS-Service) (EventID: 14338) (User: NT AUTHORITY)
Description: Nový server médií nebyl inicializován, protože u funkce CoCreateInstance(CLSID_UPnPRegistrar) došlo k chybě 0x8007045b. Ověřte, zda je spuštěná služba UPnPHost a zda je správně nainstalovaná součást systému Windows UPnPHost.

CodeIntegrity:
===================================

Date: 2019-12-17 17:25:52.358
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 17:25:52.350
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 17:25:52.329
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 17:24:41.719
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 17:24:41.708
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 17:24:41.695
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 17:24:41.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 17:24:41.671
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.24 06/15/2017
Motherboard: HP 82F6
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 70%
Total physical RAM: 3551.12 MB
Available physical RAM: 1059.67 MB
Total Virtual: 4511.12 MB
Available Virtual: 1677.97 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:71.88 GB) NTFS
Drive e: (Nový svazek) (Removable) (Total:29.51 GB) (Free:29.36 GB) NTFS

\\?\Volume{5b9bdd0b-ec15-4779-a401-2b9362911f95}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.42 GB) NTFS
\\?\Volume{87739e91-7c0f-4b2f-bde7-65f4d424b069}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 29D6C95B)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 29.5 GB) (Disk ID: 0000755F)
Partition 1: (Active) - (Size=29.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by holan (administrator) on HOLANOVA-NB (HP HP 255 G5 Notebook PC) (17-12-2019 17:31:13)
Running from C:\Users\holan\Desktop
Loaded Profiles: holan (Available Profiles: defaultuser0 & holan)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\fcappdb.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiWF.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(pdfforge GmbH -> Â© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5631720 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-01]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0411F3C8-BCA1-4336-A065-8C9107C349DC} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {106A10DF-166D-4D1D-9415-92286EC14653} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {2C39E608-DD7A-4B04-B9D0-D3FF70D3FB34} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3492AB39-CC58-4E7D-BAA3-51500580E0D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3B844EFA-0FEC-4918-BE09-A9BC22200B58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42A0582A-41A2-4A5B-8E11-0B9083A29C43} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4674F210-DCDF-4BC5-BEAF-6A81687448C1} - System32\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {51ACFEBE-F040-44D9-B86D-CAFE7372BE6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5ADA6A56-465F-4D30-A867-C70DA18D1FDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {65822254-CA6F-4D26-8B5F-3FDA30A11B87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {69465485-2EAD-4C6F-AE57-DB187CB6AB50} - System32\Tasks\HPCeeScheduleForholan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {6FBECB94-A6CF-4AA9-97AC-A8549AD12695} - System32\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7175B9DD-817F-44EE-9124-506504083D92} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {71A4ED18-DEA9-45F1-8095-ADCCC8768DA6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-17] (HP Inc. -> )
Task: {78CD47A9-F00F-4D7B-B56A-950DA6A974C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7F3389D5-3ED5-429F-BA78-AFBD7EF04F19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B2A5214-5C05-4FCD-B56C-BF85041D76FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9862517D-3F7D-48C2-ACEA-27E460E49821} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {AF273ACD-E955-4CFD-AD99-8262CE317377} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B52D36-1DD5-47FA-A638-2AC988DE7D8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\windows\TEMP\sp81110.exe <==== ATTENTION
Task: {C72FB0F2-DFEA-4F7A-8712-D7D3F3A37C41} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {C9B9C86B-9E4E-4394-974B-B3B55345D18A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2019-12-17] (Google LLC -> Google LLC)
Task: {E2C857F8-5D14-4C45-8B53-B35FCC3F0F7A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7D8C3DA-8ADA-478F-887A-D7F8625592D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {EB1E8BB3-301B-424E-A7AF-75B3BF0D9444} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F15EAF29-7B60-43AA-9CBD-57B15A87EA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {FC0F3CAF-35D2-483D-995F-1178C92ADA7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForholan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{baa30312-1932-46db-b9bc-3fdd43fc5b5b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5583a56-897b-48d4-88d1-481da64edd90}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1020508210-677974173-4055440659-1001 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\holan\Downloads

FireFox:
========
FF DefaultProfile: eguph9hn.default-1576508529644
FF ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644 [2019-12-17]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-17] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-17]

Chrome:
=======
CHR Profile: C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default [2019-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\holan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-10-06] (Advanced Micro Devices, Inc. -> )
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295840 2016-10-17] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [119826 2017-03-08] (Fortinet Inc.) [File not signed]
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1268736 2016-10-05] (HP Inc.) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5462864 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (pdfforge GmbH -> Â© pdfforge GmbH.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmdag.sys [26565648 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmpag.sys [527264 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87856 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-14] (ESET, spol. s r.o. -> ESET)
R3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [45792 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [37456 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R0 fortiloader; C:\WINDOWS\System32\drivers\fortiloader.sys [12368 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 fortimon3; C:\WINDOWS\System32\drivers\fortimon3.sys [45648 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 FortiRdr; C:\WINDOWS\System32\drivers\FortiRdr2.sys [47184 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [85072 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 FortiWF; C:\WINDOWS\System32\drivers\FortiWF2.sys [33360 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [71928 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-17 17:31 - 2019-12-17 17:32 - 000029699 _____ C:\Users\holan\Desktop\FRST.txt
2019-12-17 17:30 - 2019-12-17 17:31 - 000000000 ____D C:\FRST
2019-12-17 17:27 - 2019-12-17 17:29 - 000000000 ____D C:\rsit
2019-12-17 17:27 - 2019-12-17 17:27 - 000000000 ____D C:\Program Files\trend micro
2019-12-17 17:25 - 2019-12-17 17:12 - 002264064 _____ (Farbar) C:\Users\holan\Desktop\FRST64.exe
2019-12-17 17:25 - 2019-12-17 17:12 - 001222144 _____ C:\Users\holan\Desktop\RSITx64.exe
2019-12-17 17:23 - 2019-12-17 17:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-17 17:23 - 2019-12-17 17:23 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-17 17:23 - 2019-12-17 17:23 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\Program Files\CCleaner
2019-12-17 17:22 - 2019-12-17 17:22 - 000000000 ___HD C:\OneDriveTemp
2019-12-17 17:08 - 2019-12-17 17:08 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-17 16:43 - 2019-12-17 16:43 - 000000000 ___HD C:\$SysReset
2019-12-17 16:40 - 2019-12-17 17:22 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 17:22 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 16:40 - 2019-12-17 16:40 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-17 16:40 - 2019-12-17 16:40 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Users\holan\AppData\Local\Google
2019-12-17 16:40 - 2019-12-17 16:40 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-17 16:39 - 2019-12-17 16:39 - 001397976 _____ (Google LLC) C:\Users\holan\Downloads\ChromeSetup.exe
2019-12-16 19:37 - 2019-12-17 12:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-16 19:36 - 2019-12-17 12:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-16 19:36 - 2019-12-16 19:36 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-15 18:41 - 2019-12-15 18:41 - 000054607 _____ C:\Users\holan\Downloads\vypis-458407.pdf
2019-11-20 07:42 - 2019-11-20 07:42 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-17 17:27 - 2019-08-22 17:06 - 001842076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-17 17:27 - 2019-03-19 12:55 - 000752246 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-17 17:27 - 2019-03-19 12:55 - 000162686 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-17 17:27 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-17 17:22 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-17 17:22 - 2017-05-03 17:46 - 000000000 ___RD C:\Users\holan\OneDrive
2019-12-17 17:21 - 2019-08-22 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-17 17:21 - 2017-09-29 16:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-12-17 17:21 - 2017-05-03 20:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-17 17:20 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-17 17:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-17 17:14 - 2019-08-22 16:53 - 000416488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-17 17:02 - 2017-05-03 19:49 - 000000000 ____D C:\Users\holan\AppData\LocalLow\Mozilla
2019-12-17 16:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-17 16:36 - 2017-05-10 11:52 - 000000000 ____D C:\Users\holan\Desktop\Export DPH
2019-12-17 16:30 - 2017-05-10 11:41 - 000000000 ____D C:\Centura
2019-12-17 14:54 - 2019-08-22 16:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-16 21:50 - 2017-05-12 11:45 - 000000000 ____D C:\Users\holan\Desktop\Import dat
2019-12-16 19:37 - 2017-05-04 15:03 - 000000000 ____D C:\Users\holan\AppData\Local\Adobe
2019-12-16 19:36 - 2017-05-04 15:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-12-16 18:19 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-16 16:47 - 2019-08-11 09:43 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForholan.job
2019-12-16 16:07 - 2019-08-11 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-16 16:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-16 16:07 - 2017-05-04 15:23 - 000000000 ____D C:\Program Files\PDFCreator
2019-12-16 16:06 - 2019-05-05 10:06 - 000000000 ____D C:\TEMP
2019-12-16 16:02 - 2017-05-03 19:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-16 15:55 - 2019-08-22 17:16 - 000003248 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForholan
2019-12-15 16:39 - 2017-08-12 09:41 - 000000000 ___RD C:\Users\holan\3D Objects
2019-12-15 16:39 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-15 01:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:49 - 2017-05-03 18:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-14 10:49 - 2016-10-22 10:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 10:46 - 2017-05-03 18:57 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 10:28 - 2017-11-07 09:19 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-11-27 11:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2019-11-20 08:28 - 2017-05-03 20:14 - 000002242 ____H C:\Users\holan\OneDrive\Dokumenty\Default.rdp
2019-11-20 07:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-11-19 13:15 - 2019-08-22 17:16 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020508210-677974173-4055440659-1001
2019-11-19 13:15 - 2019-08-22 17:00 - 000002410 _____ C:\Users\holan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories ========

2019-05-05 07:50 - 2019-05-05 07:50 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.1.01.agreement
2019-05-05 07:50 - 2019-05-05 07:54 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.sourcedisk.index

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#2 Příspěvek od **Rudy** » 17 pro 2019 17:51

Zdravím!
Zkuste nejprve smazat cache prohlížeče.

GagnerCZ · #3 Příspěvek od **GagnerCZ** » 17 pro 2019 17:54

Zkousel jsem jak v firefoxu tak i prez ccleaner

#4 Příspěvek od **Rudy** » 17 pro 2019 18:50

OK. Spusťte tedy tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

GagnerCZ · #5 Příspěvek od **GagnerCZ** » 17 pro 2019 19:33

Omlouvam se ale prvn sken jsem pustil z USB takze prikladam dva logy

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-17-2019
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [15699 octets] - [17/12/2019 19:25:55]
AdwCleaner[S00].txt - [6234 octets] - [17/12/2019 19:26:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-17-2019
# Duration: 00:00:17
# OS: Windows 10 Home
# Cleaned: 40
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C72FB0F2-DFEA-4F7A-8712-D7D3F3A37C41}#
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted Preinstalled.HPJumpStartBridge Folder C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0411F3C8-BCA1-4336-A065-8C9107C349DC}#
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartProvider
Deleted Preinstalled.HPJumpStartBridge Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}
Deleted Preinstalled.HPJumpStartBridge Task C:\Windows\System32\Tasks\HPJUMPSTARTPROVIDER
Deleted Preinstalled.HPJumpStartLaunch Folder C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPRegistrationService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\defaultuser0\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\holan\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\holan\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6FA09B91-5D97-45A9-95E9-50F635C98043}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Deleted Preinstalled.HPUsageTrackingLEDM Folder C:\Program Files (x86)\HP\HP UT LEDM\BIN
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPUsageTrackingLEDM
Deleted Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [212085 octets] - [17/12/2019 19:25:55]
AdwCleaner[S00].txt - [6234 octets] - [17/12/2019 19:26:40]
AdwCleaner[C00].txt - [1632 octets] - [17/12/2019 19:28:33]
AdwCleaner[S01].txt - [6281 octets] - [17/12/2019 19:32:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#6 Příspěvek od **Rudy** » 17 pro 2019 19:49

Dejte nové logy FRST+Addition.

GagnerCZ · #7 Příspěvek od **GagnerCZ** » 17 pro 2019 20:04

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by holan (administrator) on HOLANOVA-NB (HP HP 255 G5 Notebook PC) (17-12-2019 20:01:41)
Running from C:\Users\holan\Desktop
Loaded Profiles: holan (Available Profiles: defaultuser0 & holan)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\fcappdb.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiWF.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\holan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(pdfforge GmbH -> Â© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8903176 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-14] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5631720 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-02-01]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C39E608-DD7A-4B04-B9D0-D3FF70D3FB34} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3492AB39-CC58-4E7D-BAA3-51500580E0D1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3B844EFA-0FEC-4918-BE09-A9BC22200B58} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {42A0582A-41A2-4A5B-8E11-0B9083A29C43} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4674F210-DCDF-4BC5-BEAF-6A81687448C1} - System32\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {51ACFEBE-F040-44D9-B86D-CAFE7372BE6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5ADA6A56-465F-4D30-A867-C70DA18D1FDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {65822254-CA6F-4D26-8B5F-3FDA30A11B87} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {69465485-2EAD-4C6F-AE57-DB187CB6AB50} - System32\Tasks\HPCeeScheduleForholan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {6FBECB94-A6CF-4AA9-97AC-A8549AD12695} - System32\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4 => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {7175B9DD-817F-44EE-9124-506504083D92} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {71A4ED18-DEA9-45F1-8095-ADCCC8768DA6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {78CD47A9-F00F-4D7B-B56A-950DA6A974C9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7F3389D5-3ED5-429F-BA78-AFBD7EF04F19} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B2A5214-5C05-4FCD-B56C-BF85041D76FB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {9862517D-3F7D-48C2-ACEA-27E460E49821} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {AF273ACD-E955-4CFD-AD99-8262CE317377} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1B52D36-1DD5-47FA-A638-2AC988DE7D8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\windows\TEMP\sp81110.exe <==== ATTENTION
Task: {E2C857F8-5D14-4C45-8B53-B35FCC3F0F7A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E7D8C3DA-8ADA-478F-887A-D7F8625592D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {EB1E8BB3-301B-424E-A7AF-75B3BF0D9444} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {F15EAF29-7B60-43AA-9CBD-57B15A87EA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {FC0F3CAF-35D2-483D-995F-1178C92ADA7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore1d557f7c445e83e.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA1d557f7c47334e4.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForholan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{baa30312-1932-46db-b9bc-3fdd43fc5b5b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5583a56-897b-48d4-88d1-481da64edd90}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1020508210-677974173-4055440659-1001 -> {9898C6FB-1399-4A31-9188-D730621C1A64} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files (x86)\PDF Architect 5\creator-ie-helper.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files (x86)\PDF Architect 5\creator-ie-plugin.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\holan\Downloads

FireFox:
========
FF DefaultProfile: eguph9hn.default-1576508529644
FF ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644 [2019-12-17]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2017-03-08] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-10-06] (Advanced Micro Devices, Inc. -> )
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295840 2016-10-17] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-14] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [119826 2017-03-08] (Fortinet Inc.) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSIService; C:\windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5462864 2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2706824 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [1048976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [856976 2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-28] (pdfforge GmbH -> Â© pdfforge GmbH.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [317960 2016-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [27376 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmdag.sys [26565648 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0307840.inf_amd64_2d7ce5e36533f4c7\atikmpag.sys [527264 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87856 2016-10-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243048 2017-06-16] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-14] (ESET, spol. s r.o. -> ESET)
R3 fortiapd; C:\WINDOWS\System32\drivers\fortiapd.sys [18000 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [45792 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\WINDOWS\System32\drivers\FortiFW2.sys [37456 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R0 fortiloader; C:\WINDOWS\System32\drivers\fortiloader.sys [12368 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 fortimon3; C:\WINDOWS\System32\drivers\fortimon3.sys [45648 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\WINDOWS\System32\drivers\fortips.sys [147536 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 FortiRdr; C:\WINDOWS\System32\drivers\FortiRdr2.sys [47184 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiShield; C:\WINDOWS\System32\drivers\FortiShield.sys [72272 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\WINDOWS\System32\drivers\fortisniff2.sys [85072 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 FortiWF; C:\WINDOWS\System32\drivers\FortiWF2.sys [33360 2017-03-08] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\WINDOWS\System32\drivers\ftvnic.sys [71928 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8720384 2019-08-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-26] (Realtek Semiconductor Corp. -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-17 20:01 - 2019-12-17 20:02 - 000026285 _____ C:\Users\holan\Desktop\FRST.txt
2019-12-17 19:31 - 2019-12-17 19:16 - 007622344 _____ (Malwarebytes) C:\Users\holan\Desktop\AdwCleaner.exe
2019-12-17 19:25 - 2019-12-17 19:28 - 000000000 ____D C:\AdwCleaner
2019-12-17 17:30 - 2019-12-17 20:02 - 000000000 ____D C:\FRST
2019-12-17 17:27 - 2019-12-17 17:27 - 000000000 ____D C:\Program Files\trend micro
2019-12-17 17:25 - 2019-12-17 17:12 - 002264064 _____ (Farbar) C:\Users\holan\Desktop\FRST64.exe
2019-12-17 17:25 - 2019-12-17 17:12 - 001222144 _____ C:\Users\holan\Desktop\RSITx64.exe
2019-12-17 17:23 - 2019-12-17 17:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-17 17:23 - 2019-12-17 17:23 - 000002880 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-17 17:23 - 2019-12-17 17:23 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-17 17:23 - 2019-12-17 17:23 - 000000000 ____D C:\Program Files\CCleaner
2019-12-17 17:22 - 2019-12-17 17:22 - 000000000 ___HD C:\OneDriveTemp
2019-12-17 17:08 - 2019-12-17 17:08 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-17 17:08 - 2019-12-17 17:08 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-17 17:08 - 2019-12-17 17:08 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-17 17:08 - 2019-12-17 17:08 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-17 17:08 - 2019-12-17 17:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-17 16:43 - 2019-12-17 16:43 - 000000000 ___HD C:\$SysReset
2019-12-17 16:40 - 2019-12-17 17:45 - 000000000 ____D C:\Users\holan\AppData\Local\Google
2019-12-17 16:40 - 2019-12-17 17:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-17 16:39 - 2019-12-17 16:39 - 001397976 _____ (Google LLC) C:\Users\holan\Downloads\ChromeSetup.exe
2019-12-16 19:37 - 2019-12-17 12:56 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-16 19:36 - 2019-12-17 12:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-16 19:36 - 2019-12-16 19:36 - 000002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-12-16 16:02 - 2019-12-16 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-15 18:41 - 2019-12-15 18:41 - 000054607 _____ C:\Users\holan\Downloads\vypis-458407.pdf
2019-11-20 07:42 - 2019-11-20 07:42 - 000001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-17 20:01 - 2019-08-22 16:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-17 20:01 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-17 19:38 - 2019-08-22 17:06 - 001842076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-17 19:38 - 2019-03-19 12:55 - 000752246 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-17 19:38 - 2019-03-19 12:55 - 000162686 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-17 19:38 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-17 19:37 - 2017-05-03 19:49 - 000000000 ____D C:\Users\holan\AppData\LocalLow\Mozilla
2019-12-17 19:34 - 2017-05-03 20:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-17 19:34 - 2017-05-03 17:46 - 000000000 ___RD C:\Users\holan\OneDrive
2019-12-17 19:33 - 2019-08-22 17:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-17 19:33 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-17 19:33 - 2017-09-29 16:02 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-12-17 19:33 - 2016-10-22 09:59 - 000000000 ____D C:\Program Files (x86)\HP Inc
2019-12-17 19:33 - 2016-10-22 09:58 - 000000000 ____D C:\ProgramData\HP
2019-12-17 19:33 - 2016-10-22 09:58 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-12-17 19:33 - 2016-10-22 09:58 - 000000000 ____D C:\Program Files\HP
2019-12-17 19:33 - 2016-10-22 09:57 - 000000000 ____D C:\Program Files (x86)\HP
2019-12-17 19:33 - 2016-10-22 09:56 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-12-17 19:33 - 2016-10-21 19:36 - 000000000 ___HD C:\hp
2019-12-17 19:32 - 2017-05-03 18:55 - 000000000 ____D C:\Users\holan\AppData\Local\Hewlett-Packard
2019-12-17 19:32 - 2017-05-03 17:47 - 000000000 ____D C:\Users\holan\AppData\Roaming\Hewlett-Packard
2019-12-17 19:32 - 2017-05-03 17:34 - 000000000 ____D C:\Users\defaultuser0\AppData\Roaming\Hewlett-Packard
2019-12-17 19:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-17 17:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-17 17:14 - 2019-08-22 16:53 - 000416488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-17 17:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-17 16:41 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-17 16:36 - 2017-05-10 11:52 - 000000000 ____D C:\Users\holan\Desktop\Export DPH
2019-12-17 16:32 - 2017-05-10 11:41 - 000000000 ____D C:\Centura
2019-12-16 21:50 - 2017-05-12 11:45 - 000000000 ____D C:\Users\holan\Desktop\Import dat
2019-12-16 19:37 - 2017-05-04 15:03 - 000000000 ____D C:\Users\holan\AppData\Local\Adobe
2019-12-16 19:36 - 2017-05-04 15:07 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-12-16 16:47 - 2019-08-11 09:43 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForholan.job
2019-12-16 16:07 - 2019-08-11 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-16 16:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-16 16:07 - 2017-05-04 15:23 - 000000000 ____D C:\Program Files\PDFCreator
2019-12-16 16:06 - 2019-05-05 10:06 - 000000000 ____D C:\TEMP
2019-12-16 16:02 - 2017-05-03 19:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-16 15:55 - 2019-08-22 17:16 - 000003248 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForholan
2019-12-15 16:39 - 2017-08-12 09:41 - 000000000 ___RD C:\Users\holan\3D Objects
2019-12-15 16:39 - 2016-07-29 13:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-15 01:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:49 - 2017-05-03 18:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-14 10:49 - 2016-10-22 10:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 10:46 - 2017-05-03 18:57 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-14 10:28 - 2017-11-07 09:19 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-11-27 11:43 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2019-11-20 08:28 - 2017-05-03 20:14 - 000002242 ____H C:\Users\holan\OneDrive\Dokumenty\Default.rdp
2019-11-20 07:48 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-11-19 13:15 - 2019-08-22 17:16 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1020508210-677974173-4055440659-1001
2019-11-19 13:15 - 2019-08-22 17:00 - 000002410 _____ C:\Users\holan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories ========

2019-05-05 07:50 - 2019-05-05 07:50 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.1.01.agreement
2019-05-05 07:50 - 2019-05-05 07:54 - 000000001 _____ () C:\Users\holan\AppData\Local\RawCopy.sourcedisk.index

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by holan (17-12-2019 20:04:05)
Running from C:\Users\holan\Desktop
Windows 10 Home Version 1909 18363.535 (X64) (2019-08-22 16:17:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1020508210-677974173-4055440659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1020508210-677974173-4055440659-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1020508210-677974173-4055440659-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1020508210-677974173-4055440659-501 - Limited - Disabled)
holan (S-1-5-21-1020508210-677974173-4055440659-1001 - Administrator - Enabled) => C:\Users\holan
HomeGroupUser$ (S-1-5-21-1020508210-677974173-4055440659-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1020508210-677974173-4055440659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: FortiClient AntiVirus (Enabled - Up to date) {71629DC5-BE6F-CCD3-C5A5-014980643264}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: FortiClient AntiVirus (Enabled - Up to date) {CA037C21-9855-C35D-FF15-3A3BFBE378D9}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{2999BC6A-8EF9-2281-33EB-10FD4822078F}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CDF59444-633F-EFF0-ABBD-99DA67E04273}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{74D8A73F-E3EF-6691-4216-274658AE4349}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{9CBC649D-0452-A63D-A523-FF8DCFE4556E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{5BBA9BFD-9C57-38F7-2055-745C64CF740C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{4348DDBB-D1F4-E8B4-BCA3-03CA6E10C782}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{77AB3ADA-47D1-A1C8-C2C4-FC524D2F52DC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{34BE4C3B-E9B4-C362-4FFE-1A7B91D8AB3E}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EE63D5CD-2A9D-99A4-28C3-480678FB52FC}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{B310214A-F44A-762F-B2CD-C5DD7CBA5F30}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{11E71CF4-6BB7-E314-B3EE-0D4BAD949321}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A852482E-E376-B3BB-6717-8993EF74F134}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D60F3E93-72D6-ADE1-E7C1-842CD828A47A}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{6EA40B6E-0EC9-B8AE-F0A2-738AE5ADED5C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{7E3CDECC-B7B2-6E53-CAE3-5F8C8565C269}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD709202-55BA-4093-C8B7-85E472690CA7}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DDC725DE-EFB4-6A2C-21BD-3F2B69E44DD9}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{97223B2C-6406-BAA1-DE99-53D0447BD7C8}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{77C4E164-2FBB-AD94-124E-DFA7846F091C}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{CB8AA16C-EB11-B27E-CB0E-CE015C5F85E4}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{D4DD8F3F-3FC2-FC5B-2E4D-3C86C1B402FA}) (Version: 2016.1006.1130.18864 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.5.6909 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2.3309 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FortiClient (HKLM\...\{C8080F10-F9D9-42C8-81AF-C6DB77E66BFD}) (Version: 5.4.3.0870 - Fortinet Inc)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5b1a1d22-bd59-44e0-a954-e2f18ec43a23}) (Version: 5.2.20454 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP Support Solutions Framework (HKLM-x32\...\{CFC677DA-B231-4D6D-8C36-25DBC17ECDDF}) (Version: 12.14.49.15 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
hppLaserJetService (HKLM-x32\...\{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}) (Version: 001.003.000145 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{208E5E6C-8AF3-4302-8AFB-21FFA882DC2A}) (Version: 19.10.1635.0483 - Intel Corporation)
Macrium Reflect Free Edition (HKLM\...\{EECDC759-7352-4869-8E68-D1C99AB5862B}) (Version: 7.2.4228 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
Manager (HKLM-x32\...\{218A9668-3355-48AA-BFE5-6957CA4A5A4C}) (Version: 5.0.22.32425 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office 2016 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1020508210-677974173-4055440659-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 71.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
OpenOffice 4.1.6 (HKLM-x32\...\{8DADDDBF-EB36-4D00-9291-8C281F1755A6}) (Version: 4.16.9790 - Apache Software Foundation)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.1.28.36004 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{7A5C9B23-00FB-479B-9240-8DCBD3CDF7DC}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{422024FF-15CA-4199-8DAF-DD34A8BA85DD}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{AD72FB9B-80C6-461D-B099-9DD76A62115E}) (Version: 5.0.22.32126 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-07-09] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-27] (Gameloft.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-10-15] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-05-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-15] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.0.9_x86__h6adky7gbf63m [2019-12-04] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1020508210-677974173-4055440659-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FortiClient] -> {7AE5C558-994B-40B7-8730-2DAC2B96781B} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-02-10] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-01-31] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\zaloha program\RContextMenu.dll [2019-04-21] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-10-06] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FortiClient] -> {1935F098-AF3C-4AFC-ADA2-12C74B452DF1} => C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll [2017-03-08] (Fortinet Inc.) [File not signed]
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-03-08 15:07 - 2017-03-08 15:07 - 000548882 _____ () [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000061440 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000964096 _____ () [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-03-08 15:05 - 2017-03-08 15:05 - 000276498 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiCliSh64.Dll
2017-03-08 15:10 - 2017-03-08 15:10 - 000145426 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiSkin.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000280082 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiTrayResc.dll
2017-03-08 15:07 - 2017-03-08 15:07 - 000061458 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\libcfg.dll
2017-03-08 15:09 - 2017-03-08 15:09 - 000433170 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sslvpnlib.dll
2017-03-08 15:06 - 2017-03-08 15:06 - 000739346 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\utilsdll.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000032768 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2009-10-15 10:13 - 2009-10-15 10:13 - 000031744 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2017-05-04 15:23 - 2017-05-04 15:23 - 000116224 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-15 03:34 - 2016-09-15 03:34 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-15 03:33 - 2016-09-15 03:33 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\holan\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{a4a926d4-1a7d-454d-9a7c-372b33751412}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (disabled)
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)
Ethernet 3: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F9444EE4-1AD1-4A65-A1EC-0F197A5C32AA}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{25B9A532-938A-4E1E-A153-3AB58DA97C5B}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{3E675955-DD28-43B5-AE99-39EF26DDB9E8}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{D1222993-6A4D-49A5-BA94-EBA40C8535F6}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{7AA62530-C858-4619-A041-91AB168E4F7E}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [File not signed]

==================== Restore Points =========================

17-12-2019 17:18:41 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/17/2019 07:54:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3020,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/17/2019 07:43:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2976,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/17/2019 07:35:13 PM) (Source: MsiInstaller) (EventID: 11706) (User: HOLANOVA-NB)
Description: Product: HP JumpStart Launch -- Error 1706. An installation package for the product HP JumpStart Launch cannot be found. Try the installation again using a valid copy of the installation package 'SetupHPJumpStartLaunch.msi'.

Error: (12/17/2019 07:34:49 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (12/17/2019 07:34:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 0.B.7.B.3.A.5.1.C.9.0.B.5.A.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Holanova-NB-2.local.

Error: (12/17/2019 07:34:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.192:5353 19 0.B.7.B.3.A.5.1.C.9.0.B.5.A.C.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Holanova-NB.local.

Error: (12/17/2019 07:34:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 192.1.168.192.in-addr.arpa. PTR Holanova-NB-2.local.

Error: (12/17/2019 07:34:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.192:5353 19 192.1.168.192.in-addr.arpa. PTR Holanova-NB.local.

System errors:
=============
Error: (12/17/2019 07:36:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Touchpoint Analytics neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/17/2019 07:36:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Support Solutions Framework Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/17/2019 07:36:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Comm Recovery neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/17/2019 07:33:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba Windows Media Player Network Sharing závisí na službě Windows Search, která neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/17/2019 07:33:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/17/2019 07:33:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/17/2019 07:33:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (12/17/2019 07:33:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

CodeIntegrity:
===================================

Date: 2019-12-17 19:38:04.534
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 19:38:04.526
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 19:38:04.491
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-17 19:35:49.501
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 19:35:49.492
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 19:35:49.482
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 19:35:49.472
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-17 19:35:49.463
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.24 06/15/2017
Motherboard: HP 82F6
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 63%
Total physical RAM: 3551.12 MB
Available physical RAM: 1279.28 MB
Total Virtual: 4511.12 MB
Available Virtual: 1897.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:72.38 GB) NTFS
Drive e: (Nový svazek) (Removable) (Total:29.51 GB) (Free:29.36 GB) NTFS

\\?\Volume{5b9bdd0b-ec15-4779-a401-2b9362911f95}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.42 GB) NTFS
\\?\Volume{87739e91-7c0f-4b2f-bde7-65f4d424b069}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 29D6C95B)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 29.5 GB) (Disk ID: 0000755F)
Partition 1: (Active) - (Size=29.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 17 pro 2019 20:52

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

GagnerCZ · #9 Příspěvek od **GagnerCZ** » 17 pro 2019 21:09

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by holan (17-12-2019 21:09:45) Run:1
Running from C:\Users\holan\Desktop
Loaded Profiles: holan (Available Profiles: defaultuser0 & holan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3580ADD2-B1F1-491D-B2C5-2C9AA66DC0CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11712165 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 5626101 B
Edge => 36340 B
Chrome => 0 B
Firefox => 11112342 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 17314 B
NetworkService => 17314 B
defaultuser0 => 23970 B
holan => 8657093 B

RecycleBin => 0 B
EmptyTemp: => 45.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:10:06 ====

#10 Příspěvek od **Rudy** » 17 pro 2019 21:57

Smazáno. Nastala nějaká změna?

GagnerCZ · #11 Příspěvek od **GagnerCZ** » 18 pro 2019 16:09

Dobry den, bohuzel ne.

#12 Příspěvek od **Rudy** » 18 pro 2019 18:00

Zkusíme ještě vyčistit prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

GagnerCZ · #13 Příspěvek od **GagnerCZ** » 18 pro 2019 19:07

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by holan on 18.12.2019 at 18:14:54,79.
Microsoft Windows 10 Home 10.0.18363 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\holan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18.12.2019 18:16:54 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\HP Inc deleted successfully
C:\PROGRA~2\COMMON~1\AV deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\defaultuser0\AppData\Roaming\Hewlett-Packard deleted successfully
C:\Users\defaultuser0\AppData\Roaming\HP deleted successfully
C:\Users\holan\AppData\Roaming\Hewlett-Packard deleted successfully
C:\Users\holan\AppData\Roaming\PDF Producer deleted successfully
C:\Users\defaultuser0\AppData\Local\VirtualStore deleted successfully
C:\Users\holan\AppData\Local\DBG deleted successfully
C:\Users\holan\AppData\Local\PDFCreator deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1020508210-677974173-4055440659-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9898C6FB-1399-4A31-9188-D730621C1A64} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9898C6FB-1399-4A31-9188-D730621C1A64} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9898C6FB-1399-4A31-9188-D730621C1A64} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644\prefs.js:

Added to C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"pinTab\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"a
---- FireFox user.js and prefs.js backups ----

prefs__1851_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\HP Inc not found
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM21B05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2317.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2B094.tmp deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"quickprint@hp.com"="C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension" [26.01.2011 14:27]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\holan\AppData\Roaming\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644
6FBC3513C5D441E5F51B34B0C91A28C8 - C:\Program Files\PDF Architect 5\np-previewer.dll - PDF Architect 5

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=HCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=HCTE
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=HCTE

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\holan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\holan\AppData\Local\Microsoft\Windows\INetCache\IE\RI1GV9TU will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\holan\AppData\Local\Mozilla\Firefox\Profiles\eguph9hn.default-1576508529644\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache is not empty, a reboot is needed

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=61 folders=65 155970190 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\defaultuser0\AppData\Local\Temp emptied successfully
C:\Users\holan\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\holan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\holan\AppData\Local\Microsoft\Windows\INetCache\IE\RI1GV9TU" not found
"C:\Users\holan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge" not found
"C:\Users\holan\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\Temp" not found

==== EOF on 18.12.2019 at 19:05:29,90 ======================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by holan (Administrator) on 18.12.2019 at 19:07:12,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Failed to delete: C:\ProgramData\pdfforge (Folder)

Registry: 3

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{84F23192-A475-4038-B5C0-8584777F2DF4} (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.12.2019 at 19:09:22,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#14 Příspěvek od **Rudy** » 18 pro 2019 19:50

Změnilo se něco teď?

GagnerCZ · #15 Příspěvek od **GagnerCZ** » 18 pro 2019 20:23

bohuzel ne

VIRY.CZ

Navazovani TLS spojeni

Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni

Re: Navazovani TLS spojeni