PC virus removal, computer speed-up, remote help via the neslape.cz service

Please check my log - someone broke into my email

Happygirl.
Visitor
Posts: 60
Registered: 01 Aug 2006 11:54

#1 Post by Happygirl. »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by happy (administrator) on DESKTOP-VN3NLC3 (Dell Inc. Inspiron 7559) (16-01-2020 08:35:07)
Running from C:\Users\happy\Downloads
Loaded Profiles: happy (Available Profiles: happy)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\happy\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Pandora TV Co., Ltd. -> PandoraTV) C:\Program Files\KMPlayer\KMPlayer.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Seznam.cz, a.s. -> ) C:\Users\happy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\happy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-29] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Gaijin.Net Agent] => C:\Users\happy\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-11] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\happy\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\happy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Discord] => C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {e69e809a-8b5c-11e8-9f89-ac2b6e046621} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [807424 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-11-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {105C7031-96EB-45A5-8F78-345D6BEC0A0D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {110D8C72-09F9-4092-ADDD-3B2F2F4D94E3} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1519064 2019-11-23] (Dell Inc. -> Dell Inc.)
Task: {124C63EC-A1F2-4F29-B5B5-99FF9171D4E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {13ED99FB-29D8-4273-91AF-0B8A698E920E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17767234-39B8-4E82-AE39-B517646164D2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E353BE1-2EA5-40D3-BF0F-5669FCE9CD2A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376360 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2743A081-3A52-4758-9DCD-DEB6905242E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376360 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A175BFC-0AA5-489A-BCA8-EC22A7EA960D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A7F6C54-DE50-4FA5-A6DD-2FBA1D3BC639} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {427B0EFA-8E67-45DF-A8C7-CA3C50B47EF3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {4B670AAF-45EF-47BE-B024-86037D1B5EF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {4B6F06A2-CF92-4F75-857E-9F4723C42E9E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4E99D361-55EE-476C-B19B-41B100F8137A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {58568838-A68B-4754-B5C1-6889E72CA314} - System32\Tasks\{F86B0FE1-88B0-498B-AE28-5D6B11938544} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\EAWXLauncher.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption"
Task: {5F6C40D3-AEE6-4A74-B2CE-36E1C027C7BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-11] (Piriform Ltd -> Piriform Ltd)
Task: {60084522-381B-4312-BCEC-3E8DC8B05E0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63D9E64F-4E06-448E-A7CD-5BCC302A1D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64BDB339-4211-442F-AAAF-EA40A1928102} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67730D5E-4E4A-4AA3-859A-4CCD67BBBC71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {745F8F48-5F71-43F3-8CBC-1BA865591C3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74681195-8E5F-4089-8556-2757D5690520} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A028C11-AF2D-44D1-B08C-E00268A5D21C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BCB37DA-2A05-4549-953C-C2BA05213D4A} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-12-04] (Rivet Networks LLC -> DELL)
Task: {805F7E0A-7498-4A03-BCD4-773600F17BA8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {843518C5-1741-40FF-B9AF-F90129826387} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {88563C28-5429-4166-B035-882C8629DC8E} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {93E364B9-DC11-4857-9A9F-7C25F167A5E0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe
Task: {93EB25A5-5326-43A5-9490-0ED9ED61FFCC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {973F67D8-300B-47C6-B2FE-2E05BC73DE7B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {99051A1C-72DA-4E0D-8CA8-EA7667D0944B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A1D65A91-700D-42EF-8A6C-A836A69F54FD} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A69C716C-F72A-4C60-87A3-C7AD8F3A54B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B4165B2F-311D-4928-A504-9185C8FFDEF8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B42B5836-1C16-44DB-B064-DA31F0848E4E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3392D09-A7FE-4F90-B93D-289B17239D7B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {E6B79FA3-BB39-495A-BF56-326E4D31490B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC4534B4-7E15-44A6-B06F-ACF2EA6B968F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1E38E2D-182A-4134-AC28-A420679A3CB0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F30A3D78-8464-4ADC-99BB-66106088A42F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {F4381510-4A0F-455C-899F-6D0D8D43CD93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f40245d1-e6c2-44c7-b78b-0d94a75330c3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe213b89-97a3-46d9-93f8-974e5d0c1b3c}: [DhcpNameServer] 192.168.1.1 52.102.23.208

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {5AD4EAF7-ADB4-4990-9C8B-B6E656861392} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6A5F57E3-6833-4AA9-A2A1-1B3865842FD6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6DDEEB81-301A-40EF-8F81-42E42F7FDF6D} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {872204F4-C541-4B21-8C99-EFED63809935} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {A9656854-D882-4EC4-9DB3-4373B88CCAB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {B27136B1-056E-4D10-B2F5-2C429E99970A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {DA5854A3-F446-4A92-BB10-FAEEB3DB9264} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EC40C161-62E7-47AB-95EB-446CB09EE24C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EFCBF75C-6505-4D99-8ED4-DE4618BEABD8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5siqylig.default
FF ProfilePath: C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default [2020-01-16]
FF user.js: detected! => C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\user.js [2019-10-24]
FF Homepage: Mozilla\Firefox\Profiles\5siqylig.default -> www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5siqylig.default -> hxxps://www.emimino.cz; hxxps://www.freefilm.to
FF NewTabOverride: Mozilla\Firefox\Profiles\5siqylig.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: ([Disabled by Firefox]) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\contact@web-security.com.xpi [2019-10-24]
FF Extension: (Seznam doplněk - Esko) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\sko-extension@firma.seznam.cz.xpi [2019-10-30]
FF Extension: (Seznam doplněk - Email) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-11-23]
FF Extension: (No Name) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3194984547-3803563659-1041652947-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\happy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.viry.cz
CHR Profile: C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default [2020-01-16]
CHR Extension: (Prezentace) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-09]
CHR Extension: (Dokumenty) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-09]
CHR Extension: (Disk Google) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-09]
CHR Extension: (YouTube) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-09]
CHR Extension: (Adobe Acrobat) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-27]
CHR Extension: (Tabulky) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-27]
CHR Extension: (Gmail) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-09]
CHR Extension: (Chrome Media Router) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-12-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2019-12-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-02] (GOG Sp. z o.o. -> GOG.com)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-23] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2020-01-15] (Dell Inc. -> )
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4fde1147f3f313b3\nvlddmkm.sys [22738296 2019-10-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-16 08:35 - 2020-01-16 08:37 - 000040138 _____ C:\Users\happy\Downloads\FRST.txt
2020-01-16 08:34 - 2020-01-16 08:36 - 000000000 ____D C:\FRST
2020-01-16 08:33 - 2020-01-16 08:33 - 002573312 _____ (Farbar) C:\Users\happy\Downloads\FRST64.exe
2020-01-16 08:30 - 2020-01-16 08:30 - 000388608 _____ (Trend Micro Inc.) C:\Users\happy\Downloads\hijackthis.exe
2020-01-16 08:15 - 2020-01-16 08:15 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WppRecorder.winsecurity
2020-01-16 07:46 - 2020-01-16 07:46 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WpdUpFltr.winsecurity
2020-01-15 20:42 - 2020-01-15 20:43 - 000000005 ____H C:\ProgramData\cm-lock
2020-01-15 16:32 - 2020-01-15 16:32 - 008905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 007922688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 006543736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 002323896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:32 - 2020-01-15 16:32 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000541264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000410616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000350416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:32 - 2020-01-15 16:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000122568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:31 - 2020-01-15 16:32 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002419712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002149160 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001936520 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001670800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001665712 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 001084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-01-13 16:28 - 2020-01-13 16:28 - 000000000 _____ C:\WINDOWS\invcol.tmp
2020-01-13 14:57 - 2020-01-13 14:59 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2020-01-13 10:40 - 2020-01-13 10:40 - 000001434 _____ C:\Users\Public\Desktop\Gwent.lnk
2020-01-13 10:28 - 2020-01-13 10:28 - 000000000 ____D C:\WINDOWS\Panther
2020-01-13 10:19 - 2020-01-13 10:19 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-13 10:19 - 2020-01-13 10:19 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-13 10:18 - 2020-01-13 10:18 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-11 18:15 - 2020-01-11 18:17 - 000000000 ____D C:\Users\happy\Downloads\Maleficent.Mistress.of.Evil.2019.WEB-DL.XviD.AC3-FGT
2020-01-11 18:13 - 2020-01-11 18:30 - 1420623872 _____ C:\Users\happy\Downloads\Time Trap - Time Trap.avi
2020-01-11 18:12 - 2020-01-11 18:12 - 000000000 ____D C:\Users\happy\Downloads\Ford.V.Ferrari.2019.DVDSc.XViD.AC3-ETRG
2020-01-11 18:11 - 2020-01-11 18:21 - 1533153101 _____ C:\Users\happy\Downloads\Kin.2018.480p.CZ.mkv
2020-01-11 18:09 - 2020-01-11 18:32 - 1380120450 _____ C:\Users\happy\Downloads\Joker.2019.BDRip.x264.CZ-AZECON.mkv
2020-01-09 14:41 - 2020-01-09 14:41 - 000002367 _____ C:\Users\happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-08 18:40 - 2020-01-08 18:46 - 2956916233 _____ C:\Users\happy\Downloads\Vikings.S06E05.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2020-01-08 13:32 - 2020-01-08 13:32 - 000229957 _____ C:\Users\happy\Downloads\Potvrzení o zaplacených úrocích_0.pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000339352 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20181231 (2).pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000339248 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20181231 (1).pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000186320 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20191231 (1).pdf
2020-01-08 13:26 - 2020-01-08 13:26 - 000186320 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20191231.pdf
2020-01-07 17:58 - 2020-01-07 18:14 - 745783296 _____ C:\Users\happy\Downloads\Kořist.AVI
2020-01-05 09:09 - 2020-01-05 15:30 - 1420408824 _____ C:\Users\happy\Downloads\v-pasti-s01e01.mp4
2020-01-05 09:09 - 2020-01-05 15:04 - 1368638086 _____ C:\Users\happy\Downloads\v-pasti-s01e02.mp4
2020-01-05 09:03 - 2020-01-05 09:10 - 2584726754 _____ C:\Users\happy\Downloads\Vikings.S06E04.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2020-01-03 15:22 - 2020-01-03 15:36 - 1443154710 _____ C:\Users\happy\Downloads\Vesničko má středisková.avi
2019-12-31 23:20 - 2020-01-09 00:07 - 000000000 ____D C:\Users\happy\Downloads\Titulky
2019-12-27 19:42 - 2019-12-27 19:45 - 000000000 ____D C:\Users\happy\Downloads\The.Witcher.S01.1080p.CZ.EN.K0F0LA
2019-12-22 15:34 - 2019-12-22 15:34 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 15:33 - 2019-12-22 15:33 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-21 17:10 - 2019-12-21 17:27 - 2839901855 _____ C:\Users\happy\Downloads\Vikings.S06E03.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 17:10 - 2019-12-21 17:26 - 2365836061 _____ C:\Users\happy\Downloads\Vikings.S06E02.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 17:09 - 2019-12-21 17:34 - 1462090764 _____ C:\Users\happy\Downloads\Pelíšky.mkv
2019-12-21 17:09 - 2019-12-21 17:23 - 2897432222 _____ C:\Users\happy\Downloads\Vikings.S06E01.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 14:02 - 2019-12-21 14:03 - 000000000 ____D C:\Users\happy\Downloads\T-34 (2018)[WebRip]
2019-12-21 10:02 - 2019-12-21 10:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-16 08:31 - 2016-11-18 10:30 - 000000000 ____D C:\Users\happy\AppData\LocalLow\Mozilla
2020-01-16 08:31 - 2016-11-08 17:24 - 000000000 ____D C:\Users\happy\AppData\Local\VirtualStore
2020-01-16 08:30 - 2016-11-08 17:43 - 000000000 ____D C:\Users\happy\AppData\Local\Battle.net
2020-01-16 08:27 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-16 07:52 - 2019-05-04 19:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-16 07:15 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-01-15 22:48 - 2019-09-15 09:45 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-15 22:01 - 2019-05-04 20:04 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-15 22:01 - 2018-09-15 18:32 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-15 22:01 - 2018-09-15 18:32 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-15 20:48 - 2017-05-12 14:15 - 000000000 ____D C:\Program Files\UNP
2020-01-15 20:47 - 2017-10-09 10:58 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-15 20:46 - 2018-10-05 16:18 - 000000000 ____D C:\Users\happy\AppData\Roaming\Seznam.cz
2020-01-15 20:43 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2020-01-15 20:40 - 2016-11-08 17:24 - 000000000 __SHD C:\Users\happy\IntelGraphicsProfiles
2020-01-15 20:39 - 2019-06-21 09:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-15 20:39 - 2019-05-04 20:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-15 20:39 - 2019-05-04 19:46 - 000450624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 20:38 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 16:38 - 2016-11-09 21:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:35 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:35 - 2016-11-09 21:04 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 23:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 23:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-14 14:20 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-14 14:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-13 16:26 - 2019-06-21 09:19 - 000000000 ____D C:\Users\happy\AppData\Roaming\TeamViewer
2020-01-13 16:23 - 2018-10-14 10:19 - 000000000 ____D C:\Users\happy\AppData\Local\CrashDumps
2020-01-13 10:40 - 2019-09-16 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2020-01-13 10:34 - 2016-05-07 15:15 - 000000000 ____D C:\ProgramData\PCDr
2020-01-13 10:33 - 2018-12-22 14:40 - 000000000 ____D C:\Users\happy\AppData\Roaming\discord
2020-01-13 10:30 - 2017-12-01 10:08 - 000000000 ___RD C:\Users\happy\3D Objects
2020-01-13 10:30 - 2016-05-07 15:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-13 10:27 - 2016-11-08 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-13 10:27 - 2016-05-07 15:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-13 10:23 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-01-13 03:21 - 2016-05-07 15:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-11 18:33 - 2016-11-08 17:47 - 000000000 ____D C:\Users\happy\AppData\Roaming\uTorrent
2020-01-11 18:18 - 2019-12-06 16:54 - 000000279 _____ C:\Users\happy\Desktop\Bushcraft.txt
2020-01-10 14:49 - 2018-07-07 07:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-10 14:49 - 2016-11-08 17:38 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-09 14:41 - 2016-11-08 17:27 - 000000000 ___RD C:\Users\happy\OneDrive
2020-01-08 22:56 - 2019-06-09 07:55 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 22:56 - 2019-06-09 07:55 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-03 17:46 - 2019-09-16 13:39 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-01-03 12:32 - 2017-05-20 14:07 - 000000000 ____D C:\Users\happy\Downloads\Obrazky
2020-01-03 07:53 - 2017-12-01 09:38 - 000000000 ____D C:\Users\happy\AppData\Local\Packages
2020-01-02 13:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-31 12:35 - 2016-11-08 17:43 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-26 13:29 - 2016-05-07 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-12-18 10:19 - 2018-06-05 19:43 - 000000000 ____D C:\Users\happy\AppData\Local\D3DSCache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by happy (16-01-2020 08:38:33)
Running from C:\Users\happy\Downloads
Windows 10 Home Version 1809 17763.973 (X64) (2019-05-04 19:11:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3194984547-3803563659-1041652947-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3194984547-3803563659-1041652947-503 - Limited - Disabled)
Guest (S-1-5-21-3194984547-3803563659-1041652947-501 - Limited - Disabled)
happy (S-1-5-21-3194984547-3803563659-1041652947-1001 - Administrator - Enabled) => C:\Users\happy
WDAGUtilityAccount (S-1-5-21-3194984547-3803563659-1041652947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Aktualizace NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.217 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.0 - Dell Inc.)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{5F95C9CC-2614-4C5E-B1FC-43029FD7FD6B}) (Version: 1.1.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.14.2 - SCS Software)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 5.0.9 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
inst (HKLM-x32\...\{92FADD51-71F3-4B70-BD12-823CA7B124FC}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{87048E79-8849-46B0-AFA4-CD79170D69C2}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance - HD Sound Pack (HKLM-x32\...\1929089326_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 247g - GOG.com)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.12 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12325.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.08 - NVIDIA Corporation) Hidden
Quake Ultimate Complete Collection (HKLM-x32\...\{2B2FBD25-F0E0-412B-8DA8-ECCA2DA53673}_is1) (Version: 1.0 - RAF)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
Seznam Software (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Název společnosti:)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Unity Web Player (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World_of_Warships_EU (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
XPort 360 (HKLM-x32\...\XPort 360_is1) (Version: - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2019-12-05] (Dell Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [9216 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-02-27 06:47 - 2018-02-27 06:47 - 000274944 _____ () [File not signed] C:\Program Files\KMPlayer\Core\libbluray.dll
2016-01-29 09:04 - 2016-01-29 09:04 - 000538112 _____ () [File not signed] C:\Program Files\KMPlayer\libmplay.dll
2016-01-29 09:04 - 2016-01-29 09:04 - 000151040 _____ () [File not signed] C:\Program Files\KMPlayer\LibRealSenseKMP.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000646656 _____ () [File not signed] C:\Program Files\KMPlayer\Plugins\IN_MP3.DLL
2008-02-25 07:05 - 2008-02-25 07:05 - 000073728 _____ () [File not signed] C:\Program Files\KMPlayer\Plugins\in_mp4.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000179200 _____ () [File not signed] C:\Program Files\KMPlayer\Plugins\in_nsv.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000231424 _____ () [File not signed] C:\Program Files\KMPlayer\Plugins\in_vorbis.dll
2008-02-25 07:05 - 2008-02-25 07:05 - 000288256 _____ () [File not signed] C:\Program Files\KMPlayer\Plugins\in_wm.dll
2018-02-27 06:47 - 2018-02-27 06:47 - 000257536 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\KMPlayer\Core\LAVAudio.ax
2018-02-27 06:47 - 2018-02-27 06:47 - 000554496 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\KMPlayer\Core\LAVSplitter.ax
2018-02-27 06:47 - 2018-02-27 06:47 - 001085440 _____ (1f0.de - Hendrik Leppkes) [File not signed] C:\Program Files\KMPlayer\Core\LAVVideo.ax
2017-08-09 07:14 - 2017-08-09 07:14 - 010961408 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\avcodec-lav-57.dll
2017-08-09 07:14 - 2017-08-09 07:14 - 000191488 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\avfilter-lav-6.dll
2017-08-09 07:14 - 2017-08-09 07:14 - 001761792 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\avformat-lav-57.dll
2017-08-09 07:14 - 2017-08-09 07:14 - 000153600 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\avresample-lav-3.dll
2017-08-09 07:14 - 2017-08-09 07:14 - 000532992 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\avutil-lav-55.dll
2017-08-09 07:14 - 2017-08-09 07:14 - 000531968 _____ (FFmpeg Project) [File not signed] C:\Program Files\KMPlayer\Core\swscale-lav-4.dll
2018-05-29 03:13 - 2018-05-29 03:13 - 003208704 _____ (Pandora.tv) [File not signed] C:\Program Files\KMPlayer\Core\utils.dll
2018-12-04 12:10 - 2018-12-04 12:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-11-22 10:02 - 2019-11-22 10:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2016-01-29 09:04 - 2016-01-29 09:04 - 001769472 _____ (TODO: <회사 이름>) [File not signed] C:\Program Files\KMPlayer\PProcDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\happy\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\happy\Downloads\Obrazky\72765528_694106104444934_2435134079012700160_o.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{41147FCD-04D3-4116-A096-7FEA9E2A0A8F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3BEEDBC6-208A-448D-9AD1-A9557C5BF5D5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8EEFFC11-7C43-4CED-ACFF-F26FD73BD941}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{19E5DCD7-E595-4DA9-B9EF-B0AB94131114}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{510FF57B-DA67-4469-883B-796340D6C8B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FECB2A2-DE10-452B-8702-3E7778E96413}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A3F3AEF4-ED41-42BF-8B0C-0EF0BF898510}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1E28B447-3A8F-4ECA-8D54-9D1CCABCFE11}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{828BBD9D-FC9E-4A28-A6FD-BB8348C56DF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9883A66-64C2-4716-901D-2418D0D596D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{02BB1F35-3F03-4EB7-9510-B341B7AF4B73}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{51289B7D-59D1-418A-82A8-EE068BC5694F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{3273B63C-247E-48FD-AE02-0E78AD88014C}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{B4AB33A3-1C33-42E5-8FE1-305855820036}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{8B53A1E4-0A1E-4888-92CB-10197111D025}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{B1E0CA67-2FDC-4F5F-A8BA-DC2136ACF90C}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{3D304C28-3B20-419D-AC00-EEF104EB9B28}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{3C0BC6BF-6D25-4638-B111-582DB6F549C2}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{D49D5889-CD2B-4F99-9347-1F09C288C91C}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{C79DC3F4-830D-48C3-A4E9-5EC83296D101}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{07BE5AAD-FBF4-4F77-AB2C-100544563E90}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{C997B72A-68FE-47E7-A1FB-7FF3887D1E96}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{F65B63BC-C058-460E-A280-4A38CB6DC81E}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [UDP Query User{43F9D559-F6F0-4A22-B879-F492A3CECAC7}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [TCP Query User{B494C5DF-42EE-40B6-847C-7213A5DE0741}C:\lucka a vojta\hry\destiny 2\destiny2.exe] => (Allow) C:\lucka a vojta\hry\destiny 2\destiny2.exe No File
FirewallRules: [UDP Query User{659523EB-4BE6-45E4-83ED-6DBBBCD91145}C:\lucka a vojta\hry\destiny 2\destiny2.exe] => (Allow) C:\lucka a vojta\hry\destiny 2\destiny2.exe No File
FirewallRules: [TCP Query User{C5DD5283-F781-4AE8-A4C9-0DA78272C235}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A36C4D9C-4DDC-4C6B-BF4B-1D43ECC1D201}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{41703056-1397-40F9-9A57-BEA35816FA79}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{807E300A-5E1E-4D3A-A2F1-A73FE10CB57E}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CA479B80-6714-4BDC-B865-133FAEFB6ECB}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{EA440E9A-8DDE-434F-AAA4-807539EDE02E}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{58CC3899-CDCE-46FE-91FB-FB424AAA5E65}C:\lucka a vojta\hry\heroes of the storm\versions\base74739\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base74739\heroesofthestorm_x64.exe No File
FirewallRules: [UDP Query User{D5E97B7D-EA07-4204-AB53-57CB73D8029C}C:\lucka a vojta\hry\heroes of the storm\versions\base74739\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base74739\heroesofthestorm_x64.exe No File
FirewallRules: [TCP Query User{61C8C291-7432-4E75-A679-22A9DA6E5528}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{15F15818-DAA0-4DD5-87E7-E46683AB77AB}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [{D3302B2A-3BEF-4D96-BBFB-5EE01144ED2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{70036E8F-72BA-4837-A2CD-BDDA99899E97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{266C6C40-4A66-4925-8C14-670719996906}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{61B76489-BE01-4BCD-AA30-6E7F0C93DB11}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DF164F9-B261-452B-852C-4DFEF92D7073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9651EAC3-C986-46D5-93BB-15F02F4B17D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EF66B6F-7A14-461D-8F55-7368DB367E49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{697999D5-F47F-4B37-BD1B-5F1417787C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB502703-C2DA-439A-9231-2F737578F33E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48FEDFF2-17EB-4DD3-AEFB-CB4566459111}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E25AD6C8-C429-4571-9A9E-B75BD34EC2CA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7691238E-3212-47B0-86DE-97BCA8693D57}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AAAAB79A-FD8D-4E8A-883C-FCE0D302D86D}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{32FD88A1-E969-4E98-9CDA-7CCC97CF3B82}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{564957DA-A878-429A-834A-9B5698029323}C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [UDP Query User{EE66DD60-8D93-4441-9FCE-155501476977}C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{DDA24E74-42A7-4E78-98A1-949FF72967DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CDBCD28-5D0D-4A7C-BF36-01F2842BD97A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BD279785-1B3B-41F2-9FA2-010580297F71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8EECE00-93C3-42B1-887C-66949B682ECA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{7C36F51A-4A7B-48F2-B1BB-F919951F5C13}C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{25514842-0AAB-4F69-B43B-D8D8B57B6C5A}C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{9B653923-A8BE-4692-8C07-C122A20EB855}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

31-12-2019 17:16:31 Naplánovaný kontrolní bod
09-01-2020 22:49:56 Naplánovaný kontrolní bod
13-01-2020 09:45:54 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/15/2020 08:43:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DeliveryService.exe, verze: 3.5.2013.0, časové razítko: 0x5d025c33
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dd4
Čas spuštění chybující aplikace: 0x01d5cbdc15a4b10b
Cesta k chybující aplikaci: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e37f8793-e523-493b-a8ec-a96848ace9e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 08:43:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DeliveryService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Dell.ClientFulfillmentService.ClientFulfillmentService.RetrieveAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.ProcessAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.InitializeService(System.Object)
na System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.TimerQueueTimer.CallCallback()
na System.Threading.TimerQueueTimer.Fire()
na System.Threading.TimerQueue.FireNextTimers()
na System.Threading.TimerQueue.AppDomainTimerCallback(Int32)

Error: (01/13/2020 07:25:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6156

Error: (01/13/2020 07:25:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6156

Error: (01/13/2020 07:25:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/13/2020 04:28:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DeliveryService.exe, verze: 3.5.2013.0, časové razítko: 0x5d025c33
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x5e0
Čas spuštění chybující aplikace: 0x01d5ca26159ad7d0
Cesta k chybující aplikaci: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 975dd1eb-8f93-40e9-9532-61429fbfbe39
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/13/2020 04:28:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DeliveryService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Dell.ClientFulfillmentService.ClientFulfillmentService.RetrieveAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.ProcessAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.InitializeService(System.Object)
na System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.TimerQueueTimer.CallCallback()
na System.Threading.TimerQueueTimer.Fire()
na System.Threading.TimerQueue.FireNextTimers()
na System.Threading.TimerQueue.AppDomainTimerCallback(Int32)

Error: (01/13/2020 10:35:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DeliveryService.exe, verze: 3.5.2013.0, časové razítko: 0x5d025c33
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x2d68
Čas spuštění chybující aplikace: 0x01d5c9f4c7ca637c
Cesta k chybující aplikaci: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 099e90ff-5ee9-4f7e-b306-dc1fe7471253
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (01/16/2020 08:17:59 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/15/2020 09:28:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/15/2020 09:28:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/15/2020 09:28:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (60000 ms).

Error: (01/15/2020 08:44:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Digital Delivery Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/15/2020 08:44:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/15/2020 08:44:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/15/2020 08:41:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-12-31 17:07:02.581
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4529D5F9-265A-464F-A652-A16F00B5E322}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-31 16:50:33.740
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BF7AEEA8-C405-4181-A10C-E5965C8EE7B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-12-27 20:15:26.094
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:26.077
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.790
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.756
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.740
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.724
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:22.575
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:22.145
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Dell Inc. 1.2.9 09/03/2018
Motherboard: Dell Inc. 0H0CC0
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 53%
Total physical RAM: 8051.59 MB
Available physical RAM: 3724.89 MB
Total Virtual: 11379.59 MB
Available Virtual: 5034.71 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.84 GB) (Free:10.73 GB) NTFS

\\?\Volume{e24dff12-f291-4d3c-9d2c-391c050a83e9}\ () (Fixed) (Total:0.84 GB) (Free:0.44 GB) NTFS
\\?\Volume{0a582a44-53a5-416e-bcb2-e14c86d6142c}\ (Image) (Fixed) (Total:11.22 GB) (Free:0.65 GB) NTFS
\\?\Volume{ef412d29-5c2a-4a99-b5f8-660915e87131}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1FB38DFA)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118250
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - someone hacked into my email

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the licence terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce); on Win XP just start it with a normal double-click
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Happygirl.
Visitor
Posts: 60
Joined: 01 Aug 2006 11:54

Re: Please check my log - someone hacked into my email

#3 Post by Happygirl. »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-15.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-16-2020
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 42
# Failed: 5


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\happy\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted __MSG_extensionName__ __MSG_blocked__

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Deleted Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}
Deleted Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Deleted Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Folder C:\Windows\DELL\QUICKSET
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Deleted Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{110D8C72-09F9-4092-ADDD-3B2F2F4D94E3}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{110D8C72-09F9-4092-ADDD-3B2F2F4D94E3}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Deleted Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Deleted Preinstalled.SmartByte Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCB37DA-2A05-4549-953C-C2BA05213D4A}
Deleted Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Deleted Preinstalled.SmartByte Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{01F01829-4C5A-41B0-8198-0BDD02B34C47}
Deleted Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY
Not Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Not Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Not Deleted Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6056 octets] - [16/01/2020 10:35:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118250
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - someone hacked into my email

#4 Post by Rudy »

Post new FRST+Addition logs.

Happygirl.
Visitor
Posts: 60
Joined: 01 Aug 2006 11:54

Re: Please check my log - someone hacked into my email

#5 Post by Happygirl. »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by happy (administrator) on DESKTOP-VN3NLC3 (Dell Inc. Inspiron 7559) (16-01-2020 15:21:28)
Running from C:\Users\happy\Downloads
Loaded Profiles: happy (Available Profiles: happy)
Platform: Windows 10 Home Version 1809 17763.973 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Discord Inc. -> Discord Inc.) C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\happy\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\pcdrwi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Gaijin.Net Agent] => C:\Users\happy\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2128968 2018-06-14] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Discord] => C:\Users\happy\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3288016 2019-12-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [launchOnStartup] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [7937608 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2414456 2019-12-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {e69e809a-8b5c-11e8-9f89-ac2b6e046621} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [807424 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\$McRebootA5E6DEAA56$.lnk [2016-11-12]
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {105C7031-96EB-45A5-8F78-345D6BEC0A0D} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {124C63EC-A1F2-4F29-B5B5-99FF9171D4E0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {13ED99FB-29D8-4273-91AF-0B8A698E920E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {17767234-39B8-4E82-AE39-B517646164D2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E353BE1-2EA5-40D3-BF0F-5669FCE9CD2A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376360 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {2743A081-3A52-4758-9DCD-DEB6905242E3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376360 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A175BFC-0AA5-489A-BCA8-EC22A7EA960D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A7F6C54-DE50-4FA5-A6DD-2FBA1D3BC639} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {427B0EFA-8E67-45DF-A8C7-CA3C50B47EF3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {4B670AAF-45EF-47BE-B024-86037D1B5EF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {4B6F06A2-CF92-4F75-857E-9F4723C42E9E} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4E99D361-55EE-476C-B19B-41B100F8137A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {58568838-A68B-4754-B5C1-6889E72CA314} - System32\Tasks\{F86B0FE1-88B0-498B-AE28-5D6B11938544} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\EAWXLauncher.exe" -d "C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption"
Task: {5F6C40D3-AEE6-4A74-B2CE-36E1C027C7BA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {60084522-381B-4312-BCEC-3E8DC8B05E0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63D9E64F-4E06-448E-A7CD-5BCC302A1D4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {64BDB339-4211-442F-AAAF-EA40A1928102} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {67730D5E-4E4A-4AA3-859A-4CCD67BBBC71} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Task: {745F8F48-5F71-43F3-8CBC-1BA865591C3C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {74681195-8E5F-4089-8556-2757D5690520} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A028C11-AF2D-44D1-B08C-E00268A5D21C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {805F7E0A-7498-4A03-BCD4-773600F17BA8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {843518C5-1741-40FF-B9AF-F90129826387} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {88563C28-5429-4166-B035-882C8629DC8E} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {93E364B9-DC11-4857-9A9F-7C25F167A5E0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_Plugin.exe
Task: {93EB25A5-5326-43A5-9490-0ED9ED61FFCC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {973F67D8-300B-47C6-B2FE-2E05BC73DE7B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-14] (Adobe Inc. -> Adobe)
Task: {99051A1C-72DA-4E0D-8CA8-EA7667D0944B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A1D65A91-700D-42EF-8A6C-A836A69F54FD} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A69C716C-F72A-4C60-87A3-C7AD8F3A54B5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B4165B2F-311D-4928-A504-9185C8FFDEF8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {B42B5836-1C16-44DB-B064-DA31F0848E4E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3392D09-A7FE-4F90-B93D-289B17239D7B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {E6B79FA3-BB39-495A-BF56-326E4D31490B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC4534B4-7E15-44A6-B06F-ACF2EA6B968F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F1E38E2D-182A-4134-AC28-A420679A3CB0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F30A3D78-8464-4ADC-99BB-66106088A42F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Task: {F4381510-4A0F-455C-899F-6D0D8D43CD93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f40245d1-e6c2-44c7-b78b-0d94a75330c3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe213b89-97a3-46d9-93f8-974e5d0c1b3c}: [DhcpNameServer] 192.168.1.1 52.102.23.208

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=37180
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKLM -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {5AD4EAF7-ADB4-4990-9C8B-B6E656861392} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6A5F57E3-6833-4AA9-A2A1-1B3865842FD6} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {6DDEEB81-301A-40EF-8F81-42E42F7FDF6D} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {872204F4-C541-4B21-8C99-EFED63809935} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {A9656854-D882-4EC4-9DB3-4373B88CCAB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {B27136B1-056E-4D10-B2F5-2C429E99970A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {c2b8e594-d284-ef0b-2c66-48a9c98914bc} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w29&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {DA5854A3-F446-4A92-BB10-FAEEB3DB9264} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EC40C161-62E7-47AB-95EB-446CB09EE24C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3194984547-3803563659-1041652947-1001 -> {EFCBF75C-6505-4D99-8ED4-DE4618BEABD8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5siqylig.default
FF ProfilePath: C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default [2020-01-16]
FF user.js: detected! => C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\user.js [2019-10-24]
FF Homepage: Mozilla\Firefox\Profiles\5siqylig.default -> www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5siqylig.default -> hxxps://www.emimino.cz; hxxps://www.freefilm.to
FF NewTabOverride: Mozilla\Firefox\Profiles\5siqylig.default -> Disabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\sko-extension@firma.seznam.cz.xpi [2019-10-30]
FF Extension: (Seznam doplněk - Email) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-11-23]
FF Extension: (No Name) - C:\Users\happy\AppData\Roaming\Mozilla\Firefox\Profiles\5siqylig.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_314.dll [2020-01-14] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3194984547-3803563659-1041652947-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\happy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.viry.cz
CHR Profile: C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default [2020-01-16]
CHR Extension: (Prezentace) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-09]
CHR Extension: (Dokumenty) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-09]
CHR Extension: (Disk Google) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-09]
CHR Extension: (YouTube) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-09]
CHR Extension: (Adobe Acrobat) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-27]
CHR Extension: (Tabulky) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-27]
CHR Extension: (Gmail) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-09]
CHR Extension: (Chrome Media Router) - C:\Users\happy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-25] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-12-29] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209448 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3402800 2019-10-31] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218152 2019-10-31] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2521\DSAPI.exe [1053168 2019-12-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-22] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1208392 2019-12-04] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2019-12-02] (GOG Sp. z o.o. -> GOG.com)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190216 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [49624 2019-11-23] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-19] (Intel Corporation -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [250624 2016-10-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_4fde1147f3f313b3\nvlddmkm.sys [22738296 2019-10-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-16 15:23 - 2020-01-16 15:23 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WppRecorder.winsecurity
2020-01-16 14:46 - 2020-01-16 14:46 - 000000068 __RSH C:\WINDOWS\system32\Drivers\WpdUpFltr.winsecurity
2020-01-16 13:37 - 2020-01-16 13:44 - 1773512704 _____ C:\Users\happy\Downloads\Batman Begins - Batman začíná.avi
2020-01-16 12:51 - 2020-01-16 12:57 - 000000000 ____D C:\Users\happy\Downloads\Legenda jménem T-34 Т-34 (2018)
2020-01-16 12:50 - 2020-01-16 13:00 - 1927596130 _____ C:\Users\happy\Downloads\MIB - Globální hrozba (2019)CZ).mkv
2020-01-16 12:48 - 2020-01-16 12:59 - 1496889388 _____ C:\Users\happy\Downloads\Ženy v běhu (2019)(CZ).avi
2020-01-16 10:48 - 2020-01-16 10:48 - 024578944 _____ (Piriform Software Ltd) C:\Users\happy\Downloads\ccsetup563.exe
2020-01-16 10:42 - 2020-01-16 10:42 - 000000004 ____H C:\ProgramData\cm-lock
2020-01-16 10:34 - 2020-01-16 10:36 - 000000000 ____D C:\AdwCleaner
2020-01-16 10:33 - 2020-01-16 10:33 - 008237744 _____ (Malwarebytes) C:\Users\happy\Downloads\adwcleaner_8.0.1.exe
2020-01-16 08:38 - 2020-01-16 08:41 - 000048062 _____ C:\Users\happy\Downloads\Addition.txt
2020-01-16 08:35 - 2020-01-16 15:23 - 000038353 _____ C:\Users\happy\Downloads\FRST.txt
2020-01-16 08:34 - 2020-01-16 15:22 - 000000000 ____D C:\FRST
2020-01-16 08:33 - 2020-01-16 08:33 - 002573312 _____ (Farbar) C:\Users\happy\Downloads\FRST64.exe
2020-01-16 08:30 - 2020-01-16 08:30 - 000388608 _____ (Trend Micro Inc.) C:\Users\happy\Downloads\hijackthis.exe
2020-01-15 16:32 - 2020-01-15 16:32 - 008905728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 007922688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 006543736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 002323896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:32 - 2020-01-15 16:32 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000541264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000410616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000350416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:32 - 2020-01-15 16:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000122568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:32 - 2020-01-15 16:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:31 - 2020-01-15 16:32 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002419712 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 002149160 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001936520 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001670800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001665712 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 001084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:31 - 2020-01-15 16:31 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000154976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:31 - 2020-01-15 16:31 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-01-15 16:31 - 2020-01-15 16:31 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-01-13 14:57 - 2020-01-13 14:59 - 000772176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000702400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000622832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000433448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000083768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000032816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000029232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2020-01-13 14:57 - 2020-01-13 14:59 - 000017968 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2020-01-13 10:40 - 2020-01-13 10:40 - 000001434 _____ C:\Users\Public\Desktop\Gwent.lnk
2020-01-13 10:28 - 2020-01-13 10:28 - 000000000 ____D C:\WINDOWS\Panther
2020-01-13 10:19 - 2020-01-13 10:19 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-13 10:19 - 2020-01-13 10:19 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-01-13 10:18 - 2020-01-13 10:18 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-01-13 10:18 - 2020-01-13 10:18 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-01-13 10:18 - 2020-01-13 10:18 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2020-01-11 18:15 - 2020-01-11 18:17 - 000000000 ____D C:\Users\happy\Downloads\Maleficent.Mistress.of.Evil.2019.WEB-DL.XviD.AC3-FGT
2020-01-11 18:13 - 2020-01-11 18:30 - 1420623872 _____ C:\Users\happy\Downloads\Time Trap - Time Trap.avi
2020-01-11 18:12 - 2020-01-11 18:12 - 000000000 ____D C:\Users\happy\Downloads\Ford.V.Ferrari.2019.DVDSc.XViD.AC3-ETRG
2020-01-11 18:11 - 2020-01-11 18:21 - 1533153101 _____ C:\Users\happy\Downloads\Kin.2018.480p.CZ.mkv
2020-01-11 18:09 - 2020-01-11 18:32 - 1380120450 _____ C:\Users\happy\Downloads\Joker.2019.BDRip.x264.CZ-AZECON.mkv
2020-01-09 14:41 - 2020-01-09 14:41 - 000002367 _____ C:\Users\happy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-08 18:40 - 2020-01-08 18:46 - 2956916233 _____ C:\Users\happy\Downloads\Vikings.S06E05.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2020-01-08 13:32 - 2020-01-08 13:32 - 000229957 _____ C:\Users\happy\Downloads\Potvrzení o zaplacených úrocích_0.pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000339352 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20181231 (2).pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000339248 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20181231 (1).pdf
2020-01-08 13:27 - 2020-01-08 13:27 - 000186320 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20191231 (1).pdf
2020-01-08 13:26 - 2020-01-08 13:26 - 000186320 _____ C:\Users\happy\Downloads\Vypis_z_uctu_532903139_z_20191231.pdf
2020-01-07 17:58 - 2020-01-07 18:14 - 745783296 _____ C:\Users\happy\Downloads\Kořist.AVI
2020-01-05 09:09 - 2020-01-05 15:30 - 1420408824 _____ C:\Users\happy\Downloads\v-pasti-s01e01.mp4
2020-01-05 09:09 - 2020-01-05 15:04 - 1368638086 _____ C:\Users\happy\Downloads\v-pasti-s01e02.mp4
2020-01-05 09:03 - 2020-01-05 09:10 - 2584726754 _____ C:\Users\happy\Downloads\Vikings.S06E04.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2020-01-03 15:22 - 2020-01-03 15:36 - 1443154710 _____ C:\Users\happy\Downloads\Vesničko má středisková.avi
2019-12-31 23:20 - 2020-01-09 00:07 - 000000000 ____D C:\Users\happy\Downloads\Titulky
2019-12-27 19:42 - 2019-12-27 19:45 - 000000000 ____D C:\Users\happy\Downloads\The.Witcher.S01.1080p.CZ.EN.K0F0LA
2019-12-22 15:34 - 2019-12-22 15:34 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 15:33 - 2019-12-22 15:33 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-21 17:10 - 2019-12-21 17:27 - 2839901855 _____ C:\Users\happy\Downloads\Vikings.S06E03.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 17:10 - 2019-12-21 17:26 - 2365836061 _____ C:\Users\happy\Downloads\Vikings.S06E02.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 17:09 - 2019-12-21 17:34 - 1462090764 _____ C:\Users\happy\Downloads\Pelíšky.mkv
2019-12-21 17:09 - 2019-12-21 17:23 - 2897432222 _____ C:\Users\happy\Downloads\Vikings.S06E01.iNTERNAL.1080p.WEB.H264-AMRAP.mkv
2019-12-21 14:02 - 2019-12-21 14:03 - 000000000 ____D C:\Users\happy\Downloads\T-34 (2018)[WebRip]
2019-12-21 10:02 - 2019-12-21 10:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-16 15:20 - 2019-05-04 19:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-16 15:20 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-16 13:57 - 2018-10-14 10:19 - 000000000 ____D C:\Users\happy\AppData\Local\CrashDumps
2020-01-16 13:56 - 2016-11-18 10:30 - 000000000 ____D C:\Users\happy\AppData\LocalLow\Mozilla
2020-01-16 13:56 - 2016-11-08 17:47 - 000000000 ____D C:\Users\happy\AppData\Roaming\uTorrent
2020-01-16 12:25 - 2017-10-09 10:58 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-16 10:49 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-01-16 10:49 - 2018-04-20 19:08 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-16 10:49 - 2018-04-20 19:08 - 000000000 ____D C:\Program Files\CCleaner
2020-01-16 10:44 - 2019-05-04 20:04 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-16 10:44 - 2018-09-15 18:32 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-16 10:44 - 2018-09-15 18:32 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-16 10:43 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2020-01-16 10:40 - 2019-09-15 09:45 - 000000000 ____D C:\Program Files (x86)\Steam
2020-01-16 10:39 - 2016-11-08 17:24 - 000000000 __SHD C:\Users\happy\IntelGraphicsProfiles
2020-01-16 10:38 - 2019-06-21 09:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-16 10:38 - 2019-05-04 20:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-16 10:38 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-16 10:36 - 2016-05-08 00:43 - 000000000 ____D C:\ProgramData\Dell
2020-01-16 10:36 - 2016-05-07 15:19 - 000000000 ____D C:\WINDOWS\Dell
2020-01-16 10:36 - 2016-05-07 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-01-16 10:36 - 2016-05-07 15:15 - 000000000 ____D C:\Program Files\Dell
2020-01-16 08:31 - 2016-11-08 17:24 - 000000000 ____D C:\Users\happy\AppData\Local\VirtualStore
2020-01-16 08:30 - 2016-11-08 17:43 - 000000000 ____D C:\Users\happy\AppData\Local\Battle.net
2020-01-15 20:48 - 2017-05-12 14:15 - 000000000 ____D C:\Program Files\UNP
2020-01-15 20:39 - 2019-05-04 19:46 - 000450624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 20:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 16:38 - 2016-11-09 21:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:35 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:35 - 2016-11-09 21:04 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-14 23:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-14 23:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-14 14:20 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-14 14:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-13 16:26 - 2019-06-21 09:19 - 000000000 ____D C:\Users\happy\AppData\Roaming\TeamViewer
2020-01-13 10:40 - 2019-09-16 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2020-01-13 10:34 - 2016-05-07 15:15 - 000000000 ____D C:\ProgramData\PCDr
2020-01-13 10:33 - 2018-12-22 14:40 - 000000000 ____D C:\Users\happy\AppData\Roaming\discord
2020-01-13 10:30 - 2017-12-01 10:08 - 000000000 ___RD C:\Users\happy\3D Objects
2020-01-13 10:30 - 2016-05-07 15:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-13 10:27 - 2016-11-08 17:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-13 10:27 - 2016-05-07 15:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-01-13 10:23 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-01-13 10:23 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-01-13 03:21 - 2016-05-07 15:36 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-11 18:18 - 2019-12-06 16:54 - 000000279 _____ C:\Users\happy\Desktop\Bushcraft.txt
2020-01-10 14:49 - 2018-07-07 07:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-01-10 14:49 - 2016-11-08 17:38 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-09 14:41 - 2016-11-08 17:27 - 000000000 ___RD C:\Users\happy\OneDrive
2020-01-08 22:56 - 2019-06-09 07:55 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-08 22:56 - 2019-06-09 07:55 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-03 17:46 - 2019-09-16 13:39 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2020-01-03 12:32 - 2017-05-20 14:07 - 000000000 ____D C:\Users\happy\Downloads\Obrazky
2020-01-03 07:53 - 2017-12-01 09:38 - 000000000 ____D C:\Users\happy\AppData\Local\Packages
2020-01-02 13:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-31 12:35 - 2016-11-08 17:43 - 000000000 ____D C:\Program Files (x86)\Battle.net
2019-12-18 10:19 - 2018-06-05 19:43 - 000000000 ____D C:\Users\happy\AppData\Local\D3DSCache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by happy (16-01-2020 15:23:37)
Running from C:\Users\happy\Downloads
Windows 10 Home Version 1809 17763.973 (X64) (2019-05-04 19:11:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3194984547-3803563659-1041652947-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3194984547-3803563659-1041652947-503 - Limited - Disabled)
Guest (S-1-5-21-3194984547-3803563659-1041652947-501 - Limited - Disabled)
happy (S-1-5-21-3194984547-3803563659-1041652947-1001 - Administrator - Enabled) => C:\Users\happy
WDAGUtilityAccount (S-1-5-21-3194984547-3803563659-1041652947-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.314 - Adobe)
Aktualizace NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{AEFE431B-C6FB-449E-B2DB-93E67B8B1DAF}) (Version: 3.4.0.217 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{5F95C9CC-2614-4C5E-B1FC-43029FD7FD6B}) (Version: 1.1.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.14.2 - SCS Software)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Gwent (HKLM-x32\...\1971477531_is1) (Version: 5.0.9 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Horizon v2.7.6.7 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.7 - Daring Development Inc.)
inst (HKLM-x32\...\{92FADD51-71F3-4B70-BD12-823CA7B124FC}) (Version: 1.0.0.0 - Creative Software Solutions GmbH)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{87048E79-8849-46B0-AFA4-CD79170D69C2}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance - HD Sound Pack (HKLM-x32\...\1929089326_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 247g - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.7.2.1010 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 247g - GOG.com)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.12 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{A1C962E2-2426-49C6-A38B-9A07E40D607C}) (Version: 3.2.217.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12325.20288 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 72.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.1 (x64 cs)) (Version: 72.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.1.7311 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20280 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.08 - NVIDIA Corporation) Hidden
Quake Ultimate Complete Collection (HKLM-x32\...\{2B2FBD25-F0E0-412B-8DA8-ECCA2DA53673}_is1) (Version: 1.0 - RAF)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Unity Web Player (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Wargaming.net Game Center) (Version: 19.8.0.7920 - Wargaming.net)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World_of_Warships_EU (HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
XPort 360 (HKLM-x32\...\XPort 360_is1) (Version: - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.154.400.0_x86__kgqvnymyfvs32 [2019-12-11] (king.com)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.4.7.0_x64__htrsf667h5kn2 [2019-12-05] (Dell Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [9216 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-04 12:10 - 2018-12-04 12:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2019-11-22 10:02 - 2019-11-22 10:02 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\happy\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\happy\Downloads\Obrazky\72765528_694106104444934_2435134079012700160_o.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{41147FCD-04D3-4116-A096-7FEA9E2A0A8F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3BEEDBC6-208A-448D-9AD1-A9557C5BF5D5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8EEFFC11-7C43-4CED-ACFF-F26FD73BD941}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{19E5DCD7-E595-4DA9-B9EF-B0AB94131114}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{510FF57B-DA67-4469-883B-796340D6C8B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2FECB2A2-DE10-452B-8702-3E7778E96413}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A3F3AEF4-ED41-42BF-8B0C-0EF0BF898510}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1E28B447-3A8F-4ECA-8D54-9D1CCABCFE11}C:\users\happy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\happy\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{828BBD9D-FC9E-4A28-A6FD-BB8348C56DF6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E9883A66-64C2-4716-901D-2418D0D596D1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{02BB1F35-3F03-4EB7-9510-B341B7AF4B73}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{51289B7D-59D1-418A-82A8-EE068BC5694F}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [TCP Query User{3273B63C-247E-48FD-AE02-0E78AD88014C}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{B4AB33A3-1C33-42E5-8FE1-305855820036}C:\lucka a vojta\hry\hearthstone\hearthstone.exe] => (Allow) C:\lucka a vojta\hry\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{8B53A1E4-0A1E-4888-92CB-10197111D025}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{B1E0CA67-2FDC-4F5F-A8BA-DC2136ACF90C}C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe] => (Allow) C:\users\happy\desktop\nová složka\half-life 1.6\half-life 1.6\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{3D304C28-3B20-419D-AC00-EEF104EB9B28}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{3C0BC6BF-6D25-4638-B111-582DB6F549C2}C:\users\happy\desktop\nová složka\warcraft iii\war3.exe] => (Allow) C:\users\happy\desktop\nová složka\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{D49D5889-CD2B-4F99-9347-1F09C288C91C}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{C79DC3F4-830D-48C3-A4E9-5EC83296D101}C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe] => (Allow) C:\users\happy\desktop\nová složka\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{07BE5AAD-FBF4-4F77-AB2C-100544563E90}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{C997B72A-68FE-47E7-A1FB-7FF3887D1E96}C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe] => (Allow) C:\users\happy\desktop\nová složka\flatout-2---ondra\flatout 2 - ondra\flatout ii\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{F65B63BC-C058-460E-A280-4A38CB6DC81E}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [UDP Query User{43F9D559-F6F0-4A22-B879-F492A3CECAC7}C:\ut2004\system\ut2004.exe] => (Allow) C:\ut2004\system\ut2004.exe () [File not signed]
FirewallRules: [TCP Query User{C5DD5283-F781-4AE8-A4C9-0DA78272C235}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{A36C4D9C-4DDC-4C6B-BF4B-1D43ECC1D201}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{41703056-1397-40F9-9A57-BEA35816FA79}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{807E300A-5E1E-4D3A-A2F1-A73FE10CB57E}C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\lucka a vojta\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{CA479B80-6714-4BDC-B865-133FAEFB6ECB}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{EA440E9A-8DDE-434F-AAA4-807539EDE02E}C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Allow) C:\gog games\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{61C8C291-7432-4E75-A679-22A9DA6E5528}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{15F15818-DAA0-4DD5-87E7-E46683AB77AB}C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe] => (Allow) C:\lucka a vojta\hry\quake ultimate complete collection\quake iii complete\quake3.exe () [File not signed]
FirewallRules: [{D3302B2A-3BEF-4D96-BBFB-5EE01144ED2C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{70036E8F-72BA-4837-A2CD-BDDA99899E97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{266C6C40-4A66-4925-8C14-670719996906}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{61B76489-BE01-4BCD-AA30-6E7F0C93DB11}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DF164F9-B261-452B-852C-4DFEF92D7073}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9651EAC3-C986-46D5-93BB-15F02F4B17D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0EF66B6F-7A14-461D-8F55-7368DB367E49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{697999D5-F47F-4B37-BD1B-5F1417787C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BB502703-C2DA-439A-9231-2F737578F33E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{48FEDFF2-17EB-4DD3-AEFB-CB4566459111}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{E25AD6C8-C429-4571-9A9E-B75BD34EC2CA}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7691238E-3212-47B0-86DE-97BCA8693D57}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AAAAB79A-FD8D-4E8A-883C-FCE0D302D86D}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{32FD88A1-E969-4E98-9CDA-7CCC97CF3B82}C:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{564957DA-A878-429A-834A-9B5698029323}C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [UDP Query User{EE66DD60-8D93-4441-9FCE-155501476977}C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe] => (Allow) C:\users\happy\downloads\l\left 4 dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{DDA24E74-42A7-4E78-98A1-949FF72967DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6CDBCD28-5D0D-4A7C-BF36-01F2842BD97A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BD279785-1B3B-41F2-9FA2-010580297F71}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B8EECE00-93C3-42B1-887C-66949B682ECA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{7C36F51A-4A7B-48F2-B1BB-F919951F5C13}C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{25514842-0AAB-4F69-B43B-D8D8B57B6C5A}C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe] => (Allow) C:\lucka a vojta\hry\heroes of the storm\versions\base77692\heroesofthestorm_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{9B653923-A8BE-4692-8C07-C122A20EB855}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-01-2020 22:49:56 Naplánovaný kontrolní bod
13-01-2020 09:45:54 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/16/2020 01:56:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x28f0
Čas spuštění chybující aplikace: 0x01d5cc699e0491ae
Cesta k chybující aplikaci: C:\Users\happy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 9b26e8e4-0855-47b3-84e4-2c77380d1c68
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 01:35:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x267c
Čas spuštění chybující aplikace: 0x01d5cc68107f95ac
Cesta k chybující aplikaci: C:\Users\happy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 42b5e7de-c6f2-4489-b828-7a869144bdb4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 01:15:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.17763.592, časové razítko: 0xabe94558
Kód výjimky: 0xc000041d
Posun chyby: 0x00005fc7
ID chybujícího procesu: 0x748
Čas spuštění chybující aplikace: 0x01d5cc62cb7e0a59
Cesta k chybující aplikaci: C:\Users\happy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: efe86148-16c3-4ab9-a3cd-99f00f61f764
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 10:37:08 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (01/15/2020 08:43:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DeliveryService.exe, verze: 3.5.2013.0, časové razítko: 0x5d025c33
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.914, časové razítko: 0x6cc9b5fd
Kód výjimky: 0xe0434352
Posun chyby: 0x001219b2
ID chybujícího procesu: 0x1dd4
Čas spuštění chybující aplikace: 0x01d5cbdc15a4b10b
Cesta k chybující aplikaci: C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e37f8793-e523-493b-a8ec-a96848ace9e7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 08:43:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DeliveryService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Dell.ClientFulfillmentService.ClientFulfillmentService.RetrieveAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.ProcessAppConfig()
na Dell.ClientFulfillmentService.ClientFulfillmentService.InitializeService(System.Object)
na System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.TimerQueueTimer.CallCallback()
na System.Threading.TimerQueueTimer.Fire()
na System.Threading.TimerQueue.FireNextTimers()
na System.Threading.TimerQueue.AppDomainTimerCallback(Int32)

Error: (01/13/2020 07:25:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6156

Error: (01/13/2020 07:25:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6156


System errors:
=============
Error: (01/16/2020 01:45:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:45:57 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:31:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:31:52 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:31:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:31:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:27:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/16/2020 01:27:56 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VN3NLC3)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VN3NLC3\happy (SID: S-1-5-21-3194984547-3803563659-1041652947-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2020-01-16 13:14:49.473
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Uwasson.A!ml
ID: 251745
Závažnost: Střední
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\happy\Desktop\Update\Setup.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.307.2432.0, AS: 1.307.2432.0, NIS: 1.307.2432.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2019-12-31 17:07:02.581
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4529D5F9-265A-464F-A652-A16F00B5E322}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-31 16:50:33.740
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BF7AEEA8-C405-4181-A10C-E5965C8EE7B6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-12-27 20:15:26.094
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:26.077
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.790
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.756
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.740
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:25.724
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:22.575
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-12-27 20:15:22.145
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Dell Inc. 1.2.9 09/03/2018
Motherboard: Dell Inc. 0H0CC0
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8051.59 MB
Available physical RAM: 4067.18 MB
Total Virtual: 11379.59 MB
Available Virtual: 5565.23 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.84 GB) (Free:3.23 GB) NTFS

\\?\Volume{e24dff12-f291-4d3c-9d2c-391c050a83e9}\ () (Fixed) (Total:0.84 GB) (Free:0.44 GB) NTFS
\\?\Volume{0a582a44-53a5-416e-bcb2-e14c86d6142c}\ (Image) (Fixed) (Total:11.22 GB) (Free:0.65 GB) NTFS
\\?\Volume{ef412d29-5c2a-4a99-b5f8-660915e87131}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1FB38DFA)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118250
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - someone broke into my email

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {e69e809a-8b5c-11e8-9f89-ac2b6e046621} - "D:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {4B670AAF-45EF-47BE-B024-86037D1B5EF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {93EB25A5-5326-43A5-9490-0ED9ED61FFCC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {99051A1C-72DA-4E0D-8CA8-EA7667D0944B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A1D65A91-700D-42EF-8A6C-A836A69F54FD} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y1w29
SearchScopes: HKLM -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-12-29] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\happy\AppData\Local\Temp:$DATA​ [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
C:\Users\happy\Desktop\Update\Setup.exe

EmptyTemp:
End
Save it to C:\Users\happy\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Happygirl.
Visitor
Posts: 60
Joined: 01 Aug 2006 11:54

Re: Please check my log - someone broke into my email

#7 Post by Happygirl. »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by happy (17-01-2020 15:46:24) Run:1
Running from C:\Users\happy\Downloads
Loaded Profiles: happy (Available Profiles: happy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\...\MountPoints2: {e69e809a-8b5c-11e8-9f89-ac2b6e046621} - "D:\HiSuiteDownLoader.exe"
ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)
Task: {4B670AAF-45EF-47BE-B024-86037D1B5EF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {93EB25A5-5326-43A5-9490-0ED9ED61FFCC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {99051A1C-72DA-4E0D-8CA8-EA7667D0944B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {A1D65A91-700D-42EF-8A6C-A836A69F54FD} - System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
Task: {E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4} - System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-09] (Google Inc -> Google LLC)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld ... &p_w=y1w29
SearchScopes: HKLM -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
SearchScopes: HKLM-x32 -> {CCA693F5-7C37-4E14-9042-152153BEF59D} URL = hxxps://search.gmx.com/web/result?origi ... w=y1w29&q={searchTerms}
R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2017-12-29] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\Users\happy\AppData\Local\Temp:$DATA? [16]
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
C:\Users\happy\Desktop\Update\Setup.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-3194984547-3803563659-1041652947-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e69e809a-8b5c-11e8-9f89-ac2b6e046621} => removed successfully
"ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B670AAF-45EF-47BE-B024-86037D1B5EF0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B670AAF-45EF-47BE-B024-86037D1B5EF0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93EB25A5-5326-43A5-9490-0ED9ED61FFCC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93EB25A5-5326-43A5-9490-0ED9ED61FFCC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99051A1C-72DA-4E0D-8CA8-EA7667D0944B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99051A1C-72DA-4E0D-8CA8-EA7667D0944B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1D65A91-700D-42EF-8A6C-A836A69F54FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1D65A91-700D-42EF-8A6C-A836A69F54FD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d57d445a3fc117 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d57d445a3fc117" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E606B0EE-2B19-4BCA-A1CA-EF5F8DD2FAA4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d57d445a31b005 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d57d445a31b005" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCA693F5-7C37-4E14-9042-152153BEF59D} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CCA693F5-7C37-4E14-9042-152153BEF59D} => removed successfully
Bonjour Service => Unable to stop service.
HKLM\System\CurrentControlSet\Services\Bonjour Service => removed successfully
Bonjour Service => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows => ":CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201" ADS removed successfully
C:\Windows => ":CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673" ADS removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
C:\Users\happy\AppData\Local\Temp => ":$DATA?" ADS could not remove.
C:\Users\Public\AppData => ":CSM" ADS removed successfully
C:\Users\happy\Desktop\Update\Setup.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 278264134 B
Java, Flash, Steam htmlcache => 78203881 B
Windows/system/drivers => 8163906 B
Edge => 27927 B
Chrome => 110260166 B
Firefox => 451007582 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 2848218 B
systemprofile32 => 2848218 B
LocalService => 2848218 B
NetworkService => 2849408 B
happy => 38072443 B

RecycleBin => 0 B
EmptyTemp: => 940.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:47:22 ====

Rudy
Site Admin
Posts: 118250
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - someone broke into my email

#8 Post by Rudy »

Deleted; the log should now be OK. I recommend changing your e-mail password.