Zablokovaný Personálny firewal

Zpráva

Zihos · #1 Příspěvek od **Zihos** » 07 črc 2020 12:07

Dobrý deň poprosím o kontrolu logu. Znefunkčnil sa mi Eset personálny Firewall a ani ten windowsacky sa nedá spustiť??

ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2020 01
Ran by udrzbaaqp (administrator) on DESKTOP-POLALO5 (Dell Inc. Latitude 5580) (07-07-2020 12:56:53)
Running from C:\Users\udrzbaaqp\Desktop
Loaded Profiles: udrzbaaqp
Platform: Windows 10 Pro Version 1703 15063.1418 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Andrey Gruber) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779376 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-15] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1591160 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23844664 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [com.squirrel.Teams.Teams] => C:\Users\udrzbaaqp\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} - "D:\Lenovo_Suite.exe"
HKLM\...\Print\Monitors\C368SeriesPCL Language Monitor: C:\Windows\system32\KOAXWJ_L.DLL [25600 2017-08-28] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [225792 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> C:\Windows\system32\hvsigpext.dll [2017-07-08] (Microsoft Windows -> )
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2019-01-24]
ShortcutTarget: PNotes.lnk -> C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe (Andrey Gruber) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {063C2EB0-C7C3-4967-A709-0B41EAFC2307} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected" was unlocked. <==== ATTENTION
Task: {17682665-60E1-442B-BB3A-EA36D030D068} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {21CD68F9-E2F6-4983-AB2E-FF80256C782A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB45F4-FAD5-450D-ABA4-B23CB03D3149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB8EB2-3643-4622-A352-BBAE99DE029F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.)
Task: {4546D6DE-FE8B-4ECE-AC99-7806FED0BAE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {46FF2EBB-749F-4308-8566-9B6D84F19CAC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2742136 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D36AC81-46A7-4865-BB1F-7A2C4B7CACD7} - System32\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5EFC4D4F-E8C1-4B0C-B039-0CAB4DFAC595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63C040FF-CF67-4B86-A477-E367A9BF3308} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Ečko\Zálohy\Chrome down\esetonlinescanner_csy.exe LOGON
Task: {76F98DD7-042D-446C-B98D-9618D88D70A2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Ečko\Zálohy\Chrome down\esetonlinescanner_csy.exe SCHED
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {87CD0E90-C76C-4335-8E9F-53EC5C7955CC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {9FDD784C-1446-4E59-83FA-307791146B69} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1321368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A87A9330-A53D-4B41-90A6-2A6CFC09D51E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {AFED2D50-27A6-4BE3-A0ED-F6B3E3B1A793} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C10D8BCB-81BC-4894-9F3E-D138B6B8DECE} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {C7C3CF0B-0E44-4B7B-81B1-69F49239E66D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB9FE7FA-DC00-4A99-BB02-AEDD619ABC22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBD7C947-26AB-47BA-BCEC-FDC0AE972336} - System32\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {D03D7F87-E8CF-4A12-824D-DE473E4714FE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1553880 2020-05-03] (Dell Inc. -> Dell Inc.)
Task: {DA418FF9-212E-434A-928B-58E24B37F6CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up" was unlocked. <==== ATTENTION
Task: {DF260172-B53C-4049-A24A-C22637E9A3AF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {F1387B19-AE8C-4F65-AAC9-46F3D7188521} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {F2BD8E11-1CB9-4F07-9937-666038E0CA7C} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {F687CD97-A0B7-4AE5-986E-2244B3A4B3DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {FB80F54B-77F2-4BBD-822A-28B59B55CF50} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E2A961FB-51F3-4705-9BA5-637791BA99F3} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{e2cb4e83-ff22-4e83-8d4a-7bd8a6a9a3bc}: [DhcpNameServer] 208.91.112.53 208.91.112.52
Tcpip\..\Interfaces\{f82cf98f-69c3-425b-ae5c-8530af3ed851}: [DhcpNameServer] 192.168.0.9

Internet Explorer:
==================
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Extension: (Adblocker na Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-02] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-10-16] [Legacy] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1142325245-130890802-2529674674-2207: @zoom.us/ZoomVideoPlugin -> C:\Users\udrzbaaqp\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default [2020-07-07]
CHR DownloadDir: C:\Ečko\Zálohy\Chrome down
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://vosveteit.sk; hxxps://www.autodoc.sk; hxxps://www.facebook.com; hxxps://www.tyzden.sk; hxxps://www.viry.cz
CHR Extension: (Prezentácie) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-04]
CHR Extension: (Dokumenty) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-04]
CHR Extension: (Disk Google) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-04]
CHR Extension: (YouTube) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-07-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-04-23]
CHR Extension: (Tabuľky) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-04]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-31]
CHR Extension: (Google Calendar) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-06]
CHR Extension: (Mapy Google) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jofhmakmcmhjkgbkaknehpglphepfmii [2020-04-27]
CHR Extension: (10 skrytých funkcií v prehliadači Google Chrome, ktoré Vám uľahčia život. Poznáte ich? | Vosveteit.sk) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedagfinghcpjjpcopcghojnmolfeoil [2019-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (TeamViewer) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2019-11-19]
CHR Extension: (Ocean) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-04]
CHR Extension: (Gmail) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-10]
CHR Extension: (Stopky / časovač / Budík) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2018-12-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [118952 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe [73200 2020-06-08] (Google LLC -> Spoločnosť Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [86048 2017-08-16] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-05-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{D0FBE4E3-CEB7-4D1E-9F87-E7AB8A3A1F01} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{D0FBE4E3-CEB7-4D1E-9F87-E7AB8A3A1F01} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S2 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [43208 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1612000 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe [185032 2015-11-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2157944 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2511216 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-15] (Geek Software GmbH -> Geek Software GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [269600 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3753016 2019-08-19] (Intel Corporation -> Intel® Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 522A849C; C:\Windows\System32\drivers\522A849C.sys [478392 2020-07-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [370344 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [68096 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [33768 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_63a4db11c926c9ab\e1d68x64.sys [606672 2019-08-06] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [205288 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-11] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69328 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [68800 2008-03-13] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [86376 2013-07-12] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [196752 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131728 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (WDKTestCert Alex,130940336584439605 -> ASIX Electronics Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3059821F-412C-4E13-9032-16BE2E89618A}\MpKslDrv.sys [43232 2020-07-07] (Microsoft Windows -> Microsoft Corporation)
S3 nmwcd; C:\Windows\system32\drivers\ccdcmbx64.sys [19968 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\system32\drivers\ccdcmbox64.sys [27136 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] (Microsoft Windows -> )
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [220672 2017-03-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-07 12:56 - 2020-07-07 12:58 - 000037590 _____ C:\Users\udrzbaaqp\Desktop\FRST.txt
2020-07-07 12:25 - 2020-07-07 12:25 - 002292224 _____ (Farbar) C:\Users\udrzbaaqp\Desktop\FRST64.exe
2020-07-07 12:06 - 2020-07-07 12:06 - 000196752 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-07-07 12:06 - 2020-07-07 12:06 - 000131728 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-07-07 12:06 - 2020-07-07 12:06 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-07-07 12:06 - 2020-07-07 12:06 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-07-07 12:05 - 2020-07-07 12:05 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000000000 ____D C:\Program Files\Malwarebytes
2020-07-06 20:06 - 2020-07-07 08:00 - 000000000 ____D C:\KVRT_Data
2020-07-06 20:06 - 2020-07-06 20:06 - 000478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\522A849C.sys
2020-07-04 18:06 - 2020-07-04 18:06 - 000000000 ____D C:\Users\udrzbaaqp\AppData\LocalLow\Intel
2020-07-03 13:58 - 2020-07-07 06:44 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Anomálie
2020-06-30 16:33 - 2020-06-30 16:33 - 000000756 _____ C:\Users\udrzbaaqp\Desktop\bluetooth_content_share.html
2020-06-28 16:17 - 2020-06-28 16:17 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-06-28 16:16 - 2020-06-28 16:16 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-16 06:39 - 2020-06-16 06:42 - 000001948 _____ C:\Users\udrzbaaqp\Desktop\Potvrdenie o prevzatí zariadenia na opravu.docx – odkaz.lnk
2020-06-14 17:59 - 2020-07-04 18:04 - 000000000 ____D C:\Windows\LastGood
2020-06-14 17:58 - 2020-06-14 17:57 - 024063104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 024942088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 024161688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 007272536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-06-14 17:58 - 2020-02-17 22:55 - 003819720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 003676960 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-06-14 17:58 - 2020-02-17 22:55 - 003340304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 003159672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 002930040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 001353216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000692056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000575080 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000240024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000200600 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000192872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000023584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-06-14 17:58 - 2019-12-19 14:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-06-10 16:58 - 2020-06-10 17:02 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\ODKAZY privát
2020-06-10 16:39 - 2020-06-10 16:39 - 000000819 _____ C:\Users\udrzbaaqp\Desktop\HELP – odkaz.lnk
2020-06-10 15:33 - 2020-06-14 18:58 - 1103011603 _____ C:\Windows\MEMORY.DMP
2020-06-10 15:33 - 2020-06-10 15:35 - 001806836 _____ C:\Windows\Minidump\061020-35296-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-07 12:57 - 2018-12-03 08:35 - 000000000 ____D C:\FRST
2020-07-07 12:57 - 2016-09-06 07:07 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Archiv pošta
2020-07-07 12:56 - 2017-07-07 17:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-07-07 12:36 - 2018-06-28 20:24 - 000000515 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2020-07-07 12:30 - 2020-04-10 10:10 - 000500394 _____ C:\Windows\system32\perfh01B.dat
2020-07-07 12:30 - 2020-04-10 10:10 - 000140078 _____ C:\Windows\system32\perfc01B.dat
2020-07-07 12:30 - 2017-07-07 17:42 - 003504988 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-07 12:25 - 2018-06-19 18:33 - 000000000 ____D C:\Ečko
2020-07-07 12:12 - 2018-07-01 20:03 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Udrzba NB
2020-07-07 12:05 - 2018-07-01 19:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-07-07 12:05 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-07-07 12:04 - 2020-02-25 07:48 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\CrashDumps
2020-07-07 11:01 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\Registration
2020-07-07 11:01 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2020-07-07 10:58 - 2018-06-19 13:27 - 000000000 __SHD C:\Users\udrzbaaqp\IntelGraphicsProfiles
2020-07-07 10:57 - 2018-06-19 16:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-07-07 10:56 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp
2020-07-07 10:56 - 2017-07-07 17:42 - 000000000 ____D C:\Intel
2020-07-07 10:56 - 2017-07-07 17:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-07 10:56 - 2017-03-18 13:40 - 002359296 _____ C:\Windows\system32\config\BBI
2020-07-06 20:40 - 2019-09-13 08:13 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-07-06 20:40 - 2017-07-07 17:43 - 000000000 ____D C:\ProgramData\Intel
2020-07-06 20:38 - 2017-03-18 13:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-07-06 13:12 - 2019-10-13 09:06 - 000000000 ____D C:\ProgramData\AMMYY
2020-07-06 12:14 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Packages
2020-07-04 18:04 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2020-07-04 18:01 - 2017-07-07 17:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-07-04 15:59 - 2018-10-14 08:30 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\vlc
2020-07-04 15:53 - 2018-10-14 08:30 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-07-03 10:06 - 2019-06-11 07:01 - 000002782 _____ C:\Users\udrzbaaqp\Desktop\DOVOLENKY 2020 Server.lnk
2020-07-02 09:36 - 2018-06-19 12:11 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-06-28 16:17 - 2018-06-19 13:30 - 000000000 ___RD C:\Users\udrzbaaqp\OneDrive
2020-06-28 16:17 - 2017-09-06 12:33 - 000000000 ___RD C:\Users\mbajannekk\OneDrive
2020-06-28 16:17 - 2017-08-16 10:13 - 000000000 ___RD C:\Users\admin\OneDrive
2020-06-25 09:42 - 2018-12-04 12:51 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-25 09:42 - 2018-12-04 12:51 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-23 20:15 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-22 06:42 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-22 06:40 - 2017-09-22 14:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-18 17:35 - 2018-06-19 19:44 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Odkazy VNC intranet
2020-06-18 06:42 - 2018-10-21 18:07 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Temp Skeny
2020-06-14 18:58 - 2018-07-16 14:52 - 000000000 ____D C:\Windows\Minidump
2020-06-14 18:05 - 2017-07-07 17:45 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-06-14 17:59 - 2017-07-07 17:45 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-06-14 17:58 - 2017-07-07 17:45 - 000019632 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2020-06-14 17:56 - 2017-07-07 17:42 - 000000000 ____D C:\Program Files (x86)\Intel
2020-06-14 16:59 - 2018-08-05 17:20 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Audacity
2020-06-12 16:44 - 2020-05-07 15:47 - 000001483 _____ C:\Users\udrzbaaqp\Desktop\Saunový svet_PD – odkaz.lnk
2020-06-10 15:52 - 2018-06-19 17:00 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\TeamViewer
2020-06-10 15:34 - 2017-07-31 10:19 - 000000000 ____D C:\Users\admin

==================== Files in the root of some directories ========

2019-10-29 11:04 - 2019-10-29 11:04 - 000024052 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.ADR
2018-07-02 13:49 - 2018-07-02 13:49 - 000008242 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.EML
2020-02-15 12:48 - 2020-05-31 19:47 - 000005120 _____ () C:\Users\udrzbaaqp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-02 22:26 - 2018-12-02 22:26 - 000140800 _____ () C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-11-06 22:54 - 2018-11-06 22:54 - 000000017 _____ () C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-07-07 12:32
==================== End of FRST.txt ========================

Zihos · #2 Příspěvek od **Zihos** » 07 črc 2020 12:07

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
Ran by udrzbaaqp (07-07-2020 13:00:41)
Running from C:\Users\udrzbaaqp\Desktop
Windows 10 Pro Version 1703 15063.1418 (X64) (2017-07-30 23:07:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

admin (S-1-5-21-3488352295-3265554142-2068840992-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3488352295-3265554142-2068840992-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3488352295-3265554142-2068840992-503 - Limited - Disabled)
Guest (S-1-5-21-3488352295-3265554142-2068840992-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Ashampoo WinOptimizer 2010 Advanced (HKLM-x32\...\Ashampoo WinOptimizer 2010 Advanced_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.59.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
bubans 1.00 (HKLM-x32\...\bubans 1.00) (Version: 1.00 - bubans)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.2.1 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.212 - ALPS ELECTRIC CO., LTD.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-243 245 247 Series Printer Uninstall (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Endpoint Security (HKLM\...\{900372AF-5CB7-40EA-A564-84420E4BB5ED}) (Version: 6.3.2016.1 - ESET, spol. s r.o.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{FEA4124F-FABE-440B-BA03-489722A59439}) (Version: 84.0.4147.39 - Google Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8142 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft 365 for business - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 9.0.3 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.2.1 - uvnc bvba)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.1.12.0_x64__ynb6jyjzte8ga [2020-06-23] (Adobe Inc.)
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_2.6.19.19_neutral__24pqs290vpjk0 [2018-06-20] (Actipro Software LLC)
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2018-09-01] (Duolingo Inc.)
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_3.2.18.0_x64__a5h4egax66k6y [2018-09-01] (Ounce Digital)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.4.0.4_neutral__s63fsn2sety0r [2020-03-25] (KONICA MINOLTA INC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-06-20] (Microsoft Research)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20116.0_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\udrzbaaqp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\udrzbaaqp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxDTCM.dll [2020-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-1142325245-130890802-2529674674-2207: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\10 skrytých funkcií v prehliadači Google Chrome, ktoré Vám uľahčia život. Poznáte ich_ _ Vosveteit.sk.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nedagfinghcpjjpcopcghojnmolfeoil
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2018-06-19 19:59 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2018-06-20 06:30 - 2011-05-04 15:53 - 000373248 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\libhunspell.dll
2016-10-14 21:00 - 2016-10-14 21:00 - 000347648 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2020-01-13 08:04 - 2020-01-13 08:04 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2018-06-19 20:00 - 2012-07-13 16:28 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36261067.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\522A849C.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\82004834.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36261067.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\522A849C.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\82004834.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\sharepoint.com -> hxxps://slktt-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-04 08:42 - 2018-12-04 08:42 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-06-28 20:24 - 2020-07-07 12:36 - 000000515 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Control Panel\Desktop\\Wallpaper -> C:\Users\udrzbaaqp\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 192.168.0.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: ESET Personal Firewall -> ESET_EpfwLWF (enabled)
Ethernet: ESET Personal Firewall -> ESET_EpfwLWF (enabled)
Lokálne pripojenie* 11: ESET Personal Firewall -> ESET_EpfwLWF (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F8CDA4C7-AF7D-425C-9515-D687080F23BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30BE1758-A079-4A9A-8DFC-DBB7E57BDBA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8A9D832-4A9E-4C0F-99BA-4917C551B39B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{5FD1CF25-5543-437E-BE0E-6D1173AF9FD7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{3924BC8B-8F96-4D84-9639-0DBA78264FB1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{5A3CB768-233C-4AC2-B650-D4DB37340CAB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{FE37FFAD-074F-4917-9BF0-3E483ECBDE93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{175C6063-69B4-4F7C-833A-81E0F87C85F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7665C6A-C513-493A-83B7-E109BADFB8E2}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{0AFA369B-9F32-4C14-8EAE-8FD974B8E4C6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{45CC2AF6-CABE-4FBD-8E53-94AFD7DB205B}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1EEAD3BD-D31B-464C-A087-3375DBB04327}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D7DA4E4D-3887-4F57-BC8A-C50B50FE7DD6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D726FF13-564C-459C-BBE3-32302163F908}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{00787FC9-48FD-42E8-B89A-C249C14F7062}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7A1E6A61-9E64-4A76-9341-40685F2B96B8}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E0782278-F50E-49E2-8C8F-1B8558A51356}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C8B9A9F7-09C1-4B45-B523-50C737B060AF}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{953268F5-FCD4-4341-ACC8-3CD30A43B56C}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2FC41984-C79C-4704-8337-55A7C419E100}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7DC87C82-6755-467E-8843-3D3B664D7ED1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0D81ABBD-0344-400C-BF24-19BF07B84B87}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{91F00B30-A47C-471D-B27E-7C3008F1AF40}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{306CE2B0-D04E-453E-A43C-A3F2A40F1E9A}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D485635-5527-4096-9B8A-6ED1517102F1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AB886EE2-9AE3-44F2-B4F1-9CAEA00AC89D}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0F72AC4-172D-406C-B079-20ACAE4511AD}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{14AB0ABA-1CD1-43B3-8F5C-28BC2C1E2803}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{03280B6B-2A01-403C-B726-FAF52B798017}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{94277605-A5B3-40C4-90E6-334B2BCF084C}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6F6189E5-3F0B-46EF-9DFE-7B7A11E60BD1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{27E8BF9D-60D8-412F-8F5F-75F330C2CDEB}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0683E3BE-94CD-4AA4-8E3A-D28A9E5F4CFE}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4A844941-D9EA-4C2E-9116-3B484DFEE089}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{77C7B55D-FC38-4F12-93DF-EE14CC79E4E1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CF5DEACF-C94F-4F8A-98F8-593707C6C7B5}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{31CC744F-9843-4A58-9970-414D745D89BE}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6394054A-CECF-462D-A96C-0192F6D09E09}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D4D17A0-D73B-4F69-A114-E7DED143DD81}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{214F9CBF-B9C7-46A2-A6DE-F36E7ACCE479}] => (Allow) LPort=8317
FirewallRules: [{993778C5-77FD-47C0-B804-167D81CDA1E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4FFDAC66-FD32-4ECB-AF6E-E3C0E5A47AB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{86CA9F0C-5C22-46F4-BFEB-15D33D75EAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8DECE276-ADD6-4E17-B63C-CE6F6CA8D147}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5542FF46-8014-46CA-9D78-7DCA1F5FB956}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33DBC931-5BA7-42E6-9E13-48E74987132F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2646545D-6DAB-494D-A45E-D8E2A1C69008}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6D228671-3668-4E9E-8CB0-97568DE160C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA01BDC2-E8D1-4279-B2DC-644C62C0F9D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3573F02D-062B-40C0-991D-4AB060C41FC9}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe (Google LLC -> Spoločnosť Google Inc.)
FirewallRules: [{8695E094-7B5D-47AC-AF90-7B0EAE8392C6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF0A5674-3324-4E63-9F88-4A0E1E202C83}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BC8C130-22B8-4240-89A4-FCF39D48CAB6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B526D72F-F45B-455B-95F3-2CA03BD8F758}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{671E284B-8701-4E99-82B9-1ADDBFC80A9F}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{24D38C44-A060-4A9A-8489-310B47F5304E}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A490938-34A1-46F2-A9A0-8E0F84CA7919}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11CC20F9-57DF-45BF-B3BB-01B3D2737D3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1C8FCF68-6695-4D77-9CBD-774903358712}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{23A5C5DD-0056-4D38-8C1E-E50288BD4386}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2C3B75C9-6E32-4643-9904-09EC389359C6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E12A3C20-3E63-4160-B5D4-3357903C8C3A}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8956D3B2-D608-4B99-9C95-32B39E6F2E44}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{676E7270-E9E8-46A4-ABD4-7D3C3899FD8B}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

16-06-2020 11:50:02 Scheduled Checkpoint
25-06-2020 14:11:06 Scheduled Checkpoint
06-07-2020 10:58:16 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2020 12:23:20 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:20 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:15 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:15 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:10 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:05 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 12:23:05 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

System errors:
=============
Error: (07/07/2020 12:57:25 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: THERME)
Description: Spracovanie skupinovej politiky zlyhalo. Systému Windows sa nepodarilo určiť, či kontá používateľa a počítača patria do rovnakého lesa. Skontrolujte, či sa názov domény používateľa zhoduje s názvom dôveryhodnej domény, ktorá sa nachádza v rovnakom lese ako konto počítača.

Error: (07/07/2020 12:56:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2020 12:33:58 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1097) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo. Systém Windows nemohol určiť konto počítača na presadenie nastavení skupinovej politiky. Tento stav môže byť prechodný. Nastavenia skupinovej politiky vrátane konfigurácie počítača sa na tomto počítači nepresadia.

Error: (07/07/2020 12:33:58 PM) (Source: Kerberos) (EventID: 7) (User: )
Description: The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client DESKTOP-POLALO5$ in realm THERME.LOCAL could not be validated.

This error is usually caused by domain trust failures; Contact your system administrator.

Error: (07/07/2020 12:01:02 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2020 11:54:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (07/07/2020 10:58:25 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: THERME)
Description: Spracovanie skupinovej politiky zlyhalo. Systému Windows sa nepodarilo určiť, či kontá používateľa a počítača patria do rovnakého lesa. Skontrolujte, či sa názov domény používateľa zhoduje s názvom dôveryhodnej domény, ktorá sa nachádza v rovnakom lese ako konto počítača.

Error: (07/07/2020 10:56:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.

Windows Defender:
===================================
Date: 2020-07-03 09:52:52.422
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD14D3B7-0C88-4D1B-8A44-E1C495505FCE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 14:04:52.425
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {502CB5ED-1707-493B-81EC-9BC3D8EA03FA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 11:18:09.364
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {351DB364-605C-467D-B00E-2CEF07036D86}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 11:02:44.143
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4C8B4070-5143-49DE-A03D-722035A12893}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-06-16 11:31:43.264
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C106FB1A-27A4-404A-B069-31D9901C48BB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-15 21:09:07.940
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.939
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.939
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.905
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.904
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2020-07-07 12:32:28.932
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 11:08:05.133
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 11:08:04.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 11:08:03.805
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 11:08:02.414
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 10:57:35.467
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 10:57:34.746
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 10:57:31.382
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.17.1 01/07/2020
Motherboard: Dell Inc. 0NY0H9
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 8053.84 MB
Available physical RAM: 4085.04 MB
Total Virtual: 12149.84 MB
Available Virtual: 7296.68 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.43 GB) (Free:451.1 GB) NTFS
Drive d: (OS) (RAMDisk) (Total:930.43 GB) (Free:451.93 GB) NTFS
Drive e: (PAMATOVKA) (Removable) (Total:1.83 GB) (Free:0.69 GB) FAT

\\?\Volume{e89665cc-5f74-4828-aa06-4e871948ff31}\ (WINRETOOLS) (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E0EAED6D)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#3 Příspěvek od **Rudy** » 07 črc 2020 12:33

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Zihos · #4 Příspěvek od **Zihos** » 07 črc 2020 15:59

Bolo tam len tlačitko Karanténa nie Čištění a opravy vypadlo mi toto len mi to vymazalo podporu Dell keď tak pozerám a preinstaled je tam dosť toho podozrivo potrebného pre system si myslím...

# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-07-2020
# Duration: 00:00:46
# OS: Windows 10 Pro
# Cleaned: 20
# Failed: 3

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted izito.sk

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted findit
Deleted findit

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Classes\CLSID\{80646CC0-651E-4EBD-BCDA-1A8E6CC4926A}
Deleted Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}
Deleted Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Deleted Preinstalled.DellSupportAssistAgent File C:\Users\Public\Desktop\SupportAssist.lnk
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files (x86)\DELL\SUPPORTASSISTAGENT
Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Deleted Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D03D7F87-E8CF-4A12-824D-DE473E4714FE}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D03D7F87-E8CF-4A12-824D-DE473E4714FE}
Deleted Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted Preinstalled.DellSupportCenter Folder C:\Program Files\DELL SUPPORT CENTER
Deleted Preinstalled.LenovoThinkVantageToolbox Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows
Deleted Preinstalled.MyDell Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center
Not Deleted Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Not Deleted Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE

*************************

[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11178 octets] - [03/12/2018 11:59:22]
AdwCleaner[S01].txt - [11240 octets] - [03/12/2018 12:05:45]
AdwCleaner[C01].txt - [9541 octets] - [03/12/2018 12:07:04]
AdwCleaner[S02].txt - [1459 octets] - [03/12/2018 14:48:05]
AdwCleaner[S03].txt - [1520 octets] - [03/12/2018 17:42:29]
AdwCleaner[S04].txt - [1581 octets] - [03/12/2018 18:58:36]
AdwCleaner[C04].txt - [1747 octets] - [03/12/2018 19:01:13]
AdwCleaner[S05].txt - [1703 octets] - [03/12/2018 22:17:46]
AdwCleaner[S06].txt - [1764 octets] - [04/12/2018 08:22:02]
AdwCleaner[S07].txt - [1825 octets] - [04/12/2018 08:28:36]
AdwCleaner[C07].txt - [1991 octets] - [04/12/2018 08:28:55]
AdwCleaner[S08].txt - [1947 octets] - [04/12/2018 08:32:09]
AdwCleaner[S09].txt - [2008 octets] - [04/12/2018 08:54:23]
AdwCleaner[S10].txt - [2069 octets] - [04/12/2018 10:20:28]
AdwCleaner[C10].txt - [2235 octets] - [04/12/2018 10:52:25]
AdwCleaner[S11].txt - [2191 octets] - [04/12/2018 10:55:17]
AdwCleaner[S12].txt - [2252 octets] - [04/12/2018 10:59:42]
AdwCleaner[S13].txt - [2313 octets] - [04/12/2018 11:41:17]
AdwCleaner[S14].txt - [2374 octets] - [04/12/2018 11:43:02]
AdwCleaner[S15].txt - [2410 octets] - [04/12/2018 11:46:47]
AdwCleaner[S16].txt - [2471 octets] - [04/12/2018 11:56:01]
AdwCleaner[S17].txt - [2532 octets] - [04/12/2018 18:10:49]
AdwCleaner[S18].txt - [2593 octets] - [05/12/2018 20:35:54]
AdwCleaner[S19].txt - [2654 octets] - [08/12/2018 14:53:17]
AdwCleaner[S20].txt - [2715 octets] - [07/01/2019 17:29:48]
AdwCleaner[S21].txt - [2776 octets] - [17/01/2019 19:35:51]
AdwCleaner[S22].txt - [2837 octets] - [21/01/2019 06:43:23]
AdwCleaner[S23].txt - [2898 octets] - [24/01/2019 16:40:53]
AdwCleaner[S24].txt - [2959 octets] - [02/02/2019 07:29:51]
AdwCleaner[S25].txt - [3020 octets] - [05/02/2019 16:07:45]
AdwCleaner[S26].txt - [3081 octets] - [07/02/2019 16:18:34]
AdwCleaner[S27].txt - [3142 octets] - [17/02/2019 16:31:37]
AdwCleaner[S28].txt - [3203 octets] - [02/03/2019 14:10:25]
AdwCleaner[S29].txt - [3264 octets] - [03/03/2019 20:56:20]
AdwCleaner[S30].txt - [3325 octets] - [07/03/2019 17:37:59]
AdwCleaner[S31].txt - [3386 octets] - [09/03/2019 18:18:21]
AdwCleaner[S32].txt - [3447 octets] - [22/03/2019 20:27:46]
AdwCleaner[S33].txt - [3508 octets] - [31/03/2019 16:37:35]
AdwCleaner[S34].txt - [3569 octets] - [30/05/2019 07:51:40]
AdwCleaner[S35].txt - [3630 octets] - [30/05/2019 11:46:41]
AdwCleaner[S36].txt - [3691 octets] - [30/05/2019 18:06:03]
AdwCleaner[S37].txt - [3752 octets] - [03/06/2019 06:40:03]
AdwCleaner_Debug.log - [101136 octets] - [02/10/2019 19:07:56]
AdwCleaner[S38].txt - [6504 octets] - [02/10/2019 19:08:32]
AdwCleaner[S39].txt - [6566 octets] - [02/10/2019 19:10:40]
AdwCleaner[S40].txt - [6270 octets] - [02/10/2019 19:18:35]
AdwCleaner[S41].txt - [6688 octets] - [13/10/2019 09:00:04]
AdwCleaner[S42].txt - [6756 octets] - [30/12/2019 19:16:16]
AdwCleaner[S43].txt - [6586 octets] - [07/07/2020 16:41:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C43].txt ##########

#5 Příspěvek od **Rudy** » 07 črc 2020 16:50

Dejte nové logy FRST+Addition.

Zihos · #6 Příspěvek od **Zihos** » 07 črc 2020 17:26

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2020 01
Ran by udrzbaaqp (administrator) on DESKTOP-POLALO5 (Dell Inc. Latitude 5580) (07-07-2020 18:10:32)
Running from C:\Users\udrzbaaqp\Desktop
Loaded Profiles: udrzbaaqp
Platform: Windows 10 Pro Version 1703 15063.1418 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Andrey Gruber) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_eea3cf789013ad4f\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779376 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [318920 2019-05-30] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1235160 2019-09-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [82183912 2019-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-15] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1591160 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23844664 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [com.squirrel.Teams.Teams] => C:\Users\udrzbaaqp\AppData\Local\Microsoft\Teams\Update.exe [1789768 2019-08-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} - "D:\Lenovo_Suite.exe"
HKLM\...\Print\Monitors\C368SeriesPCL Language Monitor: C:\Windows\system32\KOAXWJ_L.DLL [25600 2017-08-28] (Microsoft Windows Hardware Compatibility Publisher -> KONICA MINOLTA, INC.)
HKLM\...\Print\Monitors\EPSON XP-243 245 247 Series 64MonitorBE: C:\Windows\system32\E_YLMBRFE.DLL [182784 2015-12-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [225792 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> C:\Windows\system32\hvsigpext.dll [2017-07-08] (Microsoft Windows -> )
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2019-01-24]
ShortcutTarget: PNotes.lnk -> C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe (Andrey Gruber) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {063C2EB0-C7C3-4967-A709-0B41EAFC2307} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {17682665-60E1-442B-BB3A-EA36D030D068} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {21CD68F9-E2F6-4983-AB2E-FF80256C782A} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB45F4-FAD5-450D-ABA4-B23CB03D3149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB8EB2-3643-4622-A352-BBAE99DE029F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {4546D6DE-FE8B-4ECE-AC99-7806FED0BAE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {46FF2EBB-749F-4308-8566-9B6D84F19CAC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2742136 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D36AC81-46A7-4865-BB1F-7A2C4B7CACD7} - System32\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {5DDA9BAD-D21D-4277-B60F-D8CD9FBD3F61} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-07-07] (Adobe Inc. -> Adobe)
Task: {5EFC4D4F-E8C1-4B0C-B039-0CAB4DFAC595} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63C040FF-CF67-4B86-A477-E367A9BF3308} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Ečko\Zálohy\Chrome down\esetonlinescanner_csy.exe LOGON
Task: {76F98DD7-042D-446C-B98D-9618D88D70A2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Ečko\Zálohy\Chrome down\esetonlinescanner_csy.exe SCHED
Task: {87CD0E90-C76C-4335-8E9F-53EC5C7955CC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {9FDD784C-1446-4E59-83FA-307791146B69} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1321368 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A87A9330-A53D-4B41-90A6-2A6CFC09D51E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {AFED2D50-27A6-4BE3-A0ED-F6B3E3B1A793} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C10D8BCB-81BC-4894-9F3E-D138B6B8DECE} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [226008 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {C7C3CF0B-0E44-4B7B-81B1-69F49239E66D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB9FE7FA-DC00-4A99-BB02-AEDD619ABC22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBD7C947-26AB-47BA-BCEC-FDC0AE972336} - System32\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {DA418FF9-212E-434A-928B-58E24B37F6CE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DF260172-B53C-4049-A24A-C22637E9A3AF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
Task: {F1387B19-AE8C-4F65-AAC9-46F3D7188521} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124776 2020-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2BD8E11-1CB9-4F07-9937-666038E0CA7C} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {F687CD97-A0B7-4AE5-986E-2244B3A4B3DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {FB80F54B-77F2-4BBD-822A-28B59B55CF50} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E2A961FB-51F3-4705-9BA5-637791BA99F3} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{e2cb4e83-ff22-4e83-8d4a-7bd8a6a9a3bc}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{f82cf98f-69c3-425b-ae5c-8530af3ed851}: [DhcpNameServer] 192.168.0.9

Internet Explorer:
==================
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-05] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Extension: (Adblocker na Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-02] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-10-16] [Legacy] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1142325245-130890802-2529674674-2207: @zoom.us/ZoomVideoPlugin -> C:\Users\udrzbaaqp\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-22] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default [2020-07-07]
CHR DownloadDir: C:\Ečko\Zálohy\Chrome down
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://vosveteit.sk; hxxps://www.autodoc.sk; hxxps://www.facebook.com; hxxps://www.tyzden.sk; hxxps://www.viry.cz
CHR Extension: (Prezentácie) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-04]
CHR Extension: (Dokumenty) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-04]
CHR Extension: (Disk Google) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-04]
CHR Extension: (YouTube) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-04]
CHR Extension: (Flash Player) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-07-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-07-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2020-04-23]
CHR Extension: (Tabuľky) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-04]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-11-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-31]
CHR Extension: (Google Calendar) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2020-06-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-11-06]
CHR Extension: (Mapy Google) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jofhmakmcmhjkgbkaknehpglphepfmii [2020-04-27]
CHR Extension: (10 skrytých funkcií v prehliadači Google Chrome, ktoré Vám uľahčia život. Poznáte ich? | Vosveteit.sk) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedagfinghcpjjpcopcghojnmolfeoil [2019-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (TeamViewer) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2019-11-19]
CHR Extension: (Ocean) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-04]
CHR Extension: (Gmail) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-10]
CHR Extension: (Stopky / časovač / Budík) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2018-12-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [118952 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe [73200 2020-06-08] (Google LLC -> Spoločnosť Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-05-10] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{D0FBE4E3-CEB7-4D1E-9F87-E7AB8A3A1F01} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{D0FBE4E3-CEB7-4D1E-9F87-E7AB8A3A1F01} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S2 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [43208 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1612000 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe [185032 2015-11-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2157944 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6970968 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2511216 2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [479368 2020-01-15] (Geek Software GmbH -> Geek Software GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [269600 2020-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13109264 2020-06-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2302168 2018-12-25] (Intel(R) Client Connectivity Division SW -> Intel Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3753016 2019-08-19] (Intel Corporation -> Intel® Corporation)
S3 dcpm-notify; "C:\Program Files\Dell\CommandPowerManager\NotifyService.exe" [X]
S2 DellDigitalDelivery; "c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Wondershare MobileTrans\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 522A849C; C:\Windows\System32\drivers\522A849C.sys [478392 2020-07-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [370344 2019-01-07] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [68096 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [35704 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
S3 DroidCam; C:\Windows\system32\DRIVERS\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\system32\DRIVERS\droidcamvideo.sys [33768 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_63a4db11c926c9ab\e1d68x64.sys [606672 2019-08-06] (Intel(R) INTELND1820 -> Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [205288 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-11] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69328 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
S3 FTDIBUS; C:\Windows\system32\drivers\ftdibus.sys [68800 2008-03-13] (Future Technology Devices International Ltd -> FTDI Ltd.)
S3 FTSER2K; C:\Windows\system32\drivers\ftser2k.sys [86376 2013-07-12] (Future Technology Devices International Ltd -> FTDI Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [216056 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-07-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [196752 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73368 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [131728 2020-07-07] (Malwarebytes Inc -> Malwarebytes)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (WDKTestCert Alex,130940336584439605 -> ASIX Electronics Corporation)
S3 nmwcd; C:\Windows\system32\drivers\ccdcmbx64.sys [19968 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\system32\drivers\ccdcmbox64.sys [27136 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] (Microsoft Windows -> )
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [220672 2017-03-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-07 18:10 - 2020-07-07 18:12 - 000036778 _____ C:\Users\udrzbaaqp\Desktop\FRST.txt
2020-07-07 18:09 - 2020-07-07 18:10 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Prvý frst
2020-07-07 17:42 - 2020-07-07 17:42 - 000004538 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-07-07 17:10 - 2020-07-07 17:10 - 000196752 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2020-07-07 17:10 - 2020-07-07 17:10 - 000131728 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-07-07 17:10 - 2020-07-07 17:10 - 000073368 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2020-07-07 16:34 - 2020-07-07 16:34 - 000216056 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-07-07 12:25 - 2020-07-07 12:25 - 002292224 _____ (Farbar) C:\Users\udrzbaaqp\Desktop\FRST64.exe
2020-07-07 12:06 - 2020-07-07 12:06 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-07-07 12:05 - 2020-07-07 12:05 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-07-07 12:05 - 2020-07-07 12:05 - 000000000 ____D C:\Program Files\Malwarebytes
2020-07-06 20:06 - 2020-07-07 08:00 - 000000000 ____D C:\KVRT_Data
2020-07-06 20:06 - 2020-07-06 20:06 - 000478392 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\522A849C.sys
2020-07-04 18:06 - 2020-07-04 18:06 - 000000000 ____D C:\Users\udrzbaaqp\AppData\LocalLow\Intel
2020-07-03 13:58 - 2020-07-07 06:44 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Anomálie
2020-06-30 16:33 - 2020-06-30 16:33 - 000000756 _____ C:\Users\udrzbaaqp\Desktop\bluetooth_content_share.html
2020-06-28 16:17 - 2020-06-28 16:17 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-06-28 16:16 - 2020-06-28 16:16 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-16 06:39 - 2020-06-16 06:42 - 000001948 _____ C:\Users\udrzbaaqp\Desktop\Potvrdenie o prevzatí zariadenia na opravu.docx – odkaz.lnk
2020-06-14 17:59 - 2020-07-04 18:04 - 000000000 ____D C:\Windows\LastGood
2020-06-14 17:58 - 2020-06-14 17:57 - 024063104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 024942088 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 024161688 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 007272536 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2020-06-14 17:58 - 2020-02-17 22:55 - 003819720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 003676960 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2020-06-14 17:58 - 2020-02-17 22:55 - 003340304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 003159672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 002930040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 001353216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000692056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000575080 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000343600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000240024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000200600 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000192872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2020-06-14 17:58 - 2020-02-17 22:55 - 000023584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2020-06-14 17:58 - 2019-12-19 14:07 - 002877104 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2020-06-10 16:58 - 2020-06-10 17:02 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\ODKAZY privát
2020-06-10 16:39 - 2020-06-10 16:39 - 000000819 _____ C:\Users\udrzbaaqp\Desktop\HELP – odkaz.lnk
2020-06-10 15:33 - 2020-06-14 18:58 - 1103011603 _____ C:\Windows\MEMORY.DMP
2020-06-10 15:33 - 2020-06-10 15:35 - 001806836 _____ C:\Windows\Minidump\061020-35296-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-07 18:11 - 2018-12-03 08:35 - 000000000 ____D C:\FRST
2020-07-07 18:03 - 2017-07-07 17:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-07-07 17:42 - 2018-06-19 14:08 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Adobe
2020-07-07 17:42 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-07-07 17:42 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\Macromed
2020-07-07 17:17 - 2020-04-10 10:10 - 000532902 _____ C:\Windows\system32\perfh01B.dat
2020-07-07 17:17 - 2020-04-10 10:10 - 000149798 _____ C:\Windows\system32\perfc01B.dat
2020-07-07 17:17 - 2017-07-07 17:42 - 003570264 _____ C:\Windows\system32\PerfStringBackup.INI
2020-07-07 17:14 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2020-07-07 17:13 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\Registration
2020-07-07 17:13 - 2016-09-06 07:07 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Archiv pošta
2020-07-07 17:12 - 2020-02-25 07:48 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\CrashDumps
2020-07-07 17:10 - 2018-06-19 13:27 - 000000000 __SHD C:\Users\udrzbaaqp\IntelGraphicsProfiles
2020-07-07 17:09 - 2018-06-19 16:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-07-07 17:09 - 2017-07-07 17:42 - 000000000 ____D C:\Intel
2020-07-07 17:09 - 2017-07-07 17:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-07-07 17:08 - 2017-03-18 13:40 - 002359296 _____ C:\Windows\system32\config\BBI
2020-07-07 16:51 - 2018-07-01 20:03 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Udrzba NB
2020-07-07 16:46 - 2017-07-07 17:37 - 000000000 ____D C:\Program Files\Dell
2020-07-07 16:46 - 2017-07-07 17:36 - 000000000 ____D C:\ProgramData\dell
2020-07-07 16:45 - 2017-07-07 17:42 - 000000000 ____D C:\Program Files (x86)\Dell
2020-07-07 16:45 - 2017-07-07 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-07-07 16:08 - 2018-06-19 18:33 - 000000000 ____D C:\Ečko
2020-07-07 13:43 - 2018-10-21 18:07 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Temp Skeny
2020-07-07 12:36 - 2018-06-28 20:24 - 000000515 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2020-07-07 12:05 - 2018-07-01 19:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-07-07 12:05 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2020-07-07 10:56 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp
2020-07-06 20:40 - 2019-09-13 08:13 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-07-06 20:40 - 2017-07-07 17:43 - 000000000 ____D C:\ProgramData\Intel
2020-07-06 20:38 - 2017-03-18 13:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2020-07-06 13:12 - 2019-10-13 09:06 - 000000000 ____D C:\ProgramData\AMMYY
2020-07-06 12:14 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Packages
2020-07-04 18:04 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2020-07-04 18:01 - 2017-07-07 17:48 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2020-07-04 15:59 - 2018-10-14 08:30 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\vlc
2020-07-04 15:53 - 2018-10-14 08:30 - 000001141 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-07-03 10:06 - 2019-06-11 07:01 - 000002782 _____ C:\Users\udrzbaaqp\Desktop\DOVOLENKY 2020 Server.lnk
2020-07-02 09:36 - 2018-06-19 12:11 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-06-28 16:17 - 2018-06-19 13:30 - 000000000 ___RD C:\Users\udrzbaaqp\OneDrive
2020-06-28 16:17 - 2017-09-06 12:33 - 000000000 ___RD C:\Users\mbajannekk\OneDrive
2020-06-28 16:17 - 2017-08-16 10:13 - 000000000 ___RD C:\Users\admin\OneDrive
2020-06-25 09:42 - 2018-12-04 12:51 - 000002317 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-25 09:42 - 2018-12-04 12:51 - 000002276 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-23 20:15 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-22 06:42 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-22 06:40 - 2017-09-22 14:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-18 17:35 - 2018-06-19 19:44 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Odkazy VNC intranet
2020-06-14 18:58 - 2018-07-16 14:52 - 000000000 ____D C:\Windows\Minidump
2020-06-14 18:05 - 2017-07-07 17:45 - 000000000 ___HD C:\Program Files (x86)\Temp
2020-06-14 17:59 - 2017-07-07 17:45 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2020-06-14 17:58 - 2017-07-07 17:45 - 000019632 _____ C:\Windows\SysWOW64\RtkMsgs.dll
2020-06-14 17:56 - 2017-07-07 17:42 - 000000000 ____D C:\Program Files (x86)\Intel
2020-06-14 16:59 - 2018-08-05 17:20 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Audacity
2020-06-12 16:44 - 2020-05-07 15:47 - 000001483 _____ C:\Users\udrzbaaqp\Desktop\Saunový svet_PD – odkaz.lnk
2020-06-10 15:52 - 2018-06-19 17:00 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\TeamViewer
2020-06-10 15:34 - 2017-07-31 10:19 - 000000000 ____D C:\Users\admin

==================== Files in the root of some directories ========

2019-10-29 11:04 - 2019-10-29 11:04 - 000024052 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.ADR
2018-07-02 13:49 - 2018-07-02 13:49 - 000008242 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.EML
2020-02-15 12:48 - 2020-05-31 19:47 - 000005120 _____ () C:\Users\udrzbaaqp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-02 22:26 - 2018-12-02 22:26 - 000140800 _____ () C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-11-06 22:54 - 2018-11-06 22:54 - 000000017 _____ () C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-07-07 12:32
==================== End of FRST.txt ========================

Zihos · #7 Příspěvek od **Zihos** » 07 črc 2020 17:27

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
Ran by udrzbaaqp (07-07-2020 18:14:50)
Running from C:\Users\udrzbaaqp\Desktop
Windows 10 Pro Version 1703 15063.1418 (X64) (2017-07-30 23:07:20)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

admin (S-1-5-21-3488352295-3265554142-2068840992-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3488352295-3265554142-2068840992-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3488352295-3265554142-2068840992-503 - Limited - Disabled)
Guest (S-1-5-21-3488352295-3265554142-2068840992-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny firewall (Disabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Ashampoo WinOptimizer 2010 Advanced (HKLM-x32\...\Ashampoo WinOptimizer 2010 Advanced_is1) (Version: 6.5.0 - Ashampoo GmbH & Co. KG)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.59.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
bubans 1.00 (HKLM-x32\...\bubans 1.00) (Version: 1.00 - bubans)
Camtasia Studio 8 (HKLM-x32\...\{5303CFB5-D635-44F0-A94B-9611E81F07C4}) (Version: 8.3.0.1471 - TechSmith Corporation)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{6D2933E3-DC42-44E5-B80E-DACDD64ADFF5}) (Version: 3.5.0.448 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.212 - ALPS ELECTRIC CO., LTD.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.2 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-243 245 247 Series Printer Uninstall (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Endpoint Security (HKLM\...\{900372AF-5CB7-40EA-A564-84420E4BB5ED}) (Version: 6.3.2016.1 - ESET, spol. s r.o.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{FEA4124F-FABE-440B-BA03-489722A59439}) (Version: 84.0.4147.39 - Google Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10209.6897 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 2.2.1.364 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8142 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.0.1017 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{7D4998B3-AC68-4815-AC47-5A1969D91E30}) (Version: 17.5.0.1017 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8909c7f7-2f31-4786-b020-18218d3cabf3}) (Version: 21.40.1 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes version 4.1.2.73 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.2.73 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.12253.1 - Waves Audio Ltd.) Hidden
Microsoft 365 for business - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Teams) (Version: 1.2.00.19260 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 9.0.3 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.17763.21313 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8895.1 - Realtek Semiconductor Corp.)
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.19260 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.2.1 - uvnc bvba)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.1.12.0_x64__ynb6jyjzte8ga [2020-06-23] (Adobe Inc.)
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_2.6.19.19_neutral__24pqs290vpjk0 [2018-06-20] (Actipro Software LLC)
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2018-09-01] (Duolingo Inc.)
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_3.2.18.0_x64__a5h4egax66k6y [2018-09-01] (Ounce Digital)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.4.0.4_neutral__s63fsn2sety0r [2020-03-25] (KONICA MINOLTA INC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-05] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-16] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-23] (Microsoft Corporation) [MS Ad]
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-06-20] (Microsoft Research)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20116.0_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\udrzbaaqp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\udrzbaaqp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19163.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-05-09] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igfxDTCM.dll [2020-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-07-07] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.084.0426.0007\amd64\FileSyncShell64.dll [2020-06-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1_S-1-5-21-1142325245-130890802-2529674674-2207: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\10 skrytých funkcií v prehliadači Google Chrome, ktoré Vám uľahčia život. Poznáte ich_ _ Vosveteit.sk.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nedagfinghcpjjpcopcghojnmolfeoil
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2018-06-19 19:59 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2018-06-20 06:30 - 2011-05-04 15:53 - 000373248 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\libhunspell.dll
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2020-01-13 08:04 - 2020-01-13 08:04 - 001899008 _____ (SQLite Development Team) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\sqlite3.dll
2018-06-19 20:00 - 2012-07-13 16:28 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36261067.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\522A849C.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\82004834.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36261067.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\522A849C.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\82004834.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\sharepoint.com -> hxxps://slktt-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-04 08:42 - 2018-12-04 08:42 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-06-28 20:24 - 2020-07-07 12:36 - 000000515 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Control Panel\Desktop\\Wallpaper -> C:\Users\udrzbaaqp\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: ESET Personal Firewall -> ESET_EpfwLWF (enabled)
Ethernet: ESET Personal Firewall -> ESET_EpfwLWF (enabled)
Lokálne pripojenie* 11: ESET Personal Firewall -> ESET_EpfwLWF (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F8CDA4C7-AF7D-425C-9515-D687080F23BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30BE1758-A079-4A9A-8DFC-DBB7E57BDBA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8A9D832-4A9E-4C0F-99BA-4917C551B39B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{5FD1CF25-5543-437E-BE0E-6D1173AF9FD7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{3924BC8B-8F96-4D84-9639-0DBA78264FB1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{5A3CB768-233C-4AC2-B650-D4DB37340CAB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{FE37FFAD-074F-4917-9BF0-3E483ECBDE93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{175C6063-69B4-4F7C-833A-81E0F87C85F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7665C6A-C513-493A-83B7-E109BADFB8E2}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{0AFA369B-9F32-4C14-8EAE-8FD974B8E4C6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (Seiko Epson Corporation) [File not signed]
FirewallRules: [{45CC2AF6-CABE-4FBD-8E53-94AFD7DB205B}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1EEAD3BD-D31B-464C-A087-3375DBB04327}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D7DA4E4D-3887-4F57-BC8A-C50B50FE7DD6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D726FF13-564C-459C-BBE3-32302163F908}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{00787FC9-48FD-42E8-B89A-C249C14F7062}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7A1E6A61-9E64-4A76-9341-40685F2B96B8}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E0782278-F50E-49E2-8C8F-1B8558A51356}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C8B9A9F7-09C1-4B45-B523-50C737B060AF}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{953268F5-FCD4-4341-ACC8-3CD30A43B56C}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2FC41984-C79C-4704-8337-55A7C419E100}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7DC87C82-6755-467E-8843-3D3B664D7ED1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0D81ABBD-0344-400C-BF24-19BF07B84B87}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{91F00B30-A47C-471D-B27E-7C3008F1AF40}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{306CE2B0-D04E-453E-A43C-A3F2A40F1E9A}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D485635-5527-4096-9B8A-6ED1517102F1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AB886EE2-9AE3-44F2-B4F1-9CAEA00AC89D}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0F72AC4-172D-406C-B079-20ACAE4511AD}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{14AB0ABA-1CD1-43B3-8F5C-28BC2C1E2803}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{03280B6B-2A01-403C-B726-FAF52B798017}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{94277605-A5B3-40C4-90E6-334B2BCF084C}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6F6189E5-3F0B-46EF-9DFE-7B7A11E60BD1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{27E8BF9D-60D8-412F-8F5F-75F330C2CDEB}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0683E3BE-94CD-4AA4-8E3A-D28A9E5F4CFE}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4A844941-D9EA-4C2E-9116-3B484DFEE089}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{77C7B55D-FC38-4F12-93DF-EE14CC79E4E1}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CF5DEACF-C94F-4F8A-98F8-593707C6C7B5}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{31CC744F-9843-4A58-9970-414D745D89BE}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6394054A-CECF-462D-A96C-0192F6D09E09}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D4D17A0-D73B-4F69-A114-E7DED143DD81}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{214F9CBF-B9C7-46A2-A6DE-F36E7ACCE479}] => (Allow) LPort=8317
FirewallRules: [{993778C5-77FD-47C0-B804-167D81CDA1E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4FFDAC66-FD32-4ECB-AF6E-E3C0E5A47AB5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{86CA9F0C-5C22-46F4-BFEB-15D33D75EAD4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8DECE276-ADD6-4E17-B63C-CE6F6CA8D147}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5542FF46-8014-46CA-9D78-7DCA1F5FB956}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33DBC931-5BA7-42E6-9E13-48E74987132F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2646545D-6DAB-494D-A45E-D8E2A1C69008}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6D228671-3668-4E9E-8CB0-97568DE160C3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA01BDC2-E8D1-4279-B2DC-644C62C0F9D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3573F02D-062B-40C0-991D-4AB060C41FC9}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\84.0.4147.39\remoting_host.exe (Google LLC -> Spoločnosť Google Inc.)
FirewallRules: [{8695E094-7B5D-47AC-AF90-7B0EAE8392C6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EF0A5674-3324-4E63-9F88-4A0E1E202C83}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BC8C130-22B8-4240-89A4-FCF39D48CAB6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B526D72F-F45B-455B-95F3-2CA03BD8F758}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{671E284B-8701-4E99-82B9-1ADDBFC80A9F}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{24D38C44-A060-4A9A-8489-310B47F5304E}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A490938-34A1-46F2-A9A0-8E0F84CA7919}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11CC20F9-57DF-45BF-B3BB-01B3D2737D3F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1C8FCF68-6695-4D77-9CBD-774903358712}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{23A5C5DD-0056-4D38-8C1E-E50288BD4386}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2C3B75C9-6E32-4643-9904-09EC389359C6}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E12A3C20-3E63-4160-B5D4-3357903C8C3A}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8956D3B2-D608-4B99-9C95-32B39E6F2E44}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)

==================== Restore Points =========================

16-06-2020 11:50:02 Scheduled Checkpoint
25-06-2020 14:11:06 Scheduled Checkpoint
06-07-2020 10:58:16 Scheduled Checkpoint
07-07-2020 16:44:36 AdwCleaner_BeforeCleaning_07/07/2020_16:44:35

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2020 06:04:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: THERME)
Description: Aktivácia aplikácie Microsoft.Windows.Photos_8wekyb3d8bbwe!App zlyhala pre chybu: -2147023170 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (07/07/2020 05:27:16 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:27:11 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:27:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:27:01 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:26:56 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:26:51 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

Error: (07/07/2020 05:26:46 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.

System errors:
=============
Error: (07/07/2020 05:13:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Dell Digital Delivery Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (07/07/2020 05:10:28 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: THERME)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (07/07/2020 05:09:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (07/07/2020 05:09:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (07/07/2020 05:09:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (07/07/2020 05:09:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: NT AUTHORITY)
Description: 0 zlyhalo.
Názov objektu skupinovej politiky: Windows SBS CSE Policy
Systémová cesta k súboru objektu skupinovej politiky: \\therme.local\SysVol\therme.local\Policies\{F2459BE5-759A-4234-95E2-E1ACC6B8ADF0}\Machine
Názov skriptu: \\therme.local\SysVol\therme.local\ClientAgent\ClientAgent.vbs

Error: (07/07/2020 05:09:38 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (07/07/2020 05:09:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.

Windows Defender:
===================================
Date: 2020-07-03 09:52:52.422
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {AD14D3B7-0C88-4D1B-8A44-E1C495505FCE}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 14:04:52.425
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {502CB5ED-1707-493B-81EC-9BC3D8EA03FA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 11:18:09.364
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {351DB364-605C-467D-B00E-2CEF07036D86}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-07-02 11:02:44.143
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4C8B4070-5143-49DE-A03D-722035A12893}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-06-16 11:31:43.264
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C106FB1A-27A4-404A-B069-31D9901C48BB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-15 21:09:07.940
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.939
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.939
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.905
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-12-15 21:09:07.904
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.307.418.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2020-07-07 17:10:09.903
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 17:10:08.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 17:10:05.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 17:10:03.921
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 16:59:16.139
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 16:59:15.490
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 16:59:14.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-07 16:59:13.116
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6742a32d2d482a17\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.17.1 01/07/2020
Motherboard: Dell Inc. 0NY0H9
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 41%
Total physical RAM: 8053.84 MB
Available physical RAM: 4679.82 MB
Total Virtual: 12149.84 MB
Available Virtual: 7726.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.43 GB) (Free:450.12 GB) NTFS
Drive e: (PAMATOVKA) (Removable) (Total:1.83 GB) (Free:0.69 GB) FAT

\\?\Volume{e89665cc-5f74-4828-aa06-4e871948ff31}\ (WINRETOOLS) (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E0EAED6D)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 07 črc 2020 17:57

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} - "D:\Lenovo_Suite.exe"
Task: {3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB45F4-FAD5-450D-ABA4-B23CB03D3149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\udrzbaaqp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Zihos · #9 Příspěvek od **Zihos** » 07 črc 2020 18:21

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-07-2020 01
Ran by udrzbaaqp (07-07-2020 19:01:49) Run:2
Running from C:\Users\udrzbaaqp\Desktop
Loaded Profiles: udrzbaaqp
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} - "D:\Lenovo_Suite.exe"
Task: {3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB45F4-FAD5-450D-ABA4-B23CB03D3149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\udrzbaaqp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} => removed successfully
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EAB45F4-FAD5-450D-ABA4-B23CB03D3149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EAB45F4-FAD5-450D-ABA4-B23CB03D3149}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
C:\Users\udrzbaaqp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 800262618 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 161942254 B
Edge => 5331139 B
Chrome => 595044376 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 12083 B
LocalService => 72469 B
NetworkService => 835723 B
mbajannekk => 835723 B
Udrzba => 835723 B
udrzbaaqp => 609233522 B
admin => 609233522 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:13:37 ====

#10 Příspěvek od **Rudy** » 07 črc 2020 18:53

Smazáno. Nastala nějaká změna?

Zihos · #11 Příspěvek od **Zihos** » 07 črc 2020 19:19

: Snímka.JPG (39.45 KiB) Zobrazeno 2011 x

Žiaľ nie

Zihos · #12 Příspěvek od **Zihos** » 07 črc 2020 19:21

Jediná možnosť po kliknutí na roletkove menu je Vypnúť natrvalo .....

#13 Příspěvek od **Rudy** » 07 črc 2020 19:51

OK. Udělejte kompletní sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Stáhněte, spusťte, nechte pracovat a po skončení akce smažte vše, co najde. Pokud se nezmění nic ani potom, firewall přeinstalujte.

VIRY.CZ

Zablokovaný Personálny firewal

Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal

Re: Zablokovaný Personálny firewal