Prosím o preventivní kontrolu LOG
Napsal: 09 říj 2018 10:04
Dobrý den, při startu počítače se mi otevře mozila se stránkou která se evidentně připojuje na nějaké pochybné servery (eset začne bláznit a blokovat okna). Prosím proto o kontrolu logu a pomoc, jak to upravit.
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by DurnaD (administrator) on NB-029 (09-10-2018 10:57:59)
Running from C:\Users\durnad\Desktop
Loaded Profiles: DurnaD (Available Profiles: defaultuser0 & it & DurnaD)
Platform: Windows 10 Pro Version 1607 14393.576 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostStorageService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
() C:\Dell\Sytem64Folder\DellRctlService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\pcdrwi.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(HP Inc.) C:\Program Files\HP\HP PageWide MFP P57750\Bin\ScanToPCActivationApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(HP Inc.) C:\Program Files\HP\HP PageWide MFP P57750\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [754984 2016-05-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [724400 2016-07-24] (Waves Audio Ltd.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\Run: [Viber] => C:\Users\durnad\AppData\Local\Viber\Viber.exe [35828808 2018-09-27] (Viber Media S.Ã r.l.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\Run: [HP PageWide MFP P57750 (NET)] => C:\Program Files\HP\HP PageWide MFP P57750\Bin\ScanToPCActivationApp.exe [3764360 2016-12-15] (HP Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1d84b795-4db9-4dd1-8ea2-daf251c89a23}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a88191eb-159f-4bdf-80b5-82d2a3c12597}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-4106999633-2871329638-518651434-4360 -> DefaultScope {92B29637-FFC4-420B-B6FA-A608E6B6BF20} URL =
SearchScopes: HKU\S-1-5-21-4106999633-2871329638-518651434-4360 -> {92B29637-FFC4-420B-B6FA-A608E6B6BF20} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6ffi3ux2.default
FF ProfilePath: C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default [2018-10-09]
FF Homepage: Mozilla\Firefox\Profiles\6ffi3ux2.default -> hxxps://www.google.cz
FF NewTab: Mozilla\Firefox\Profiles\6ffi3ux2.default -> chrome://fvd.speeddial/content/fvd_about_blank.html
FF NewTabOverride: Mozilla\Firefox\Profiles\6ffi3ux2.default -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\Extensions\pavel.sherbakov@gmail.com.xpi [2018-10-06]
FF Extension: (Firefox Monitor) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\features\{6ecd7c32-49e5-4fb5-be14-04ea4c115118}\fxmonitor@mozilla.org.xpi [2018-10-04]
FF Extension: (Telemetry coverage) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\features\{6ecd7c32-49e5-4fb5-be14-04ea4c115118}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default [2018-06-20]
CHR Extension: (Slides) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-20]
CHR Extension: (Docs) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-20]
CHR Extension: (Google Drive) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-03]
CHR Extension: (YouTube) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-03]
CHR Extension: (Sheets) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
CHR Extension: (Gmail) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-03]
CHR Extension: (Chrome Media Router) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-05-17] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [431088 2016-10-25] (Intel Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-05-09] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3350512 2018-05-09] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-05-09] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\DSAPI.exe [939328 2018-10-04] (PC-Doctor, Inc.)
R2 DellRctlService; c:\Dell\Sytem64Folder\DellRctlService.exe [524352 2016-06-02] ()
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-10-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1576712 2015-10-02] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1680000 2017-02-21] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-10-02] (ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-04] (Intel Corporation)
R2 hostcontrolsvc; C:\Program Files\Broadcom\CV\bin\HostControlService.exe [1038336 2016-11-09] (Broadcom Corporation)
R2 hoststoragesvc; C:\Program Files\Broadcom\CV\bin\HostStorageService.exe [42496 2016-11-09] (Broadcom Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [172272 2016-03-15] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-10-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [982224 2017-09-27] (Kerio Technologies Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-08-18] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-03-19] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38872 2018-09-07] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, LLC.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc.)
R2 ushupgradesvc; C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe [254464 2016-11-09] ()
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2016-06-14] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{2A54C219-8CF3-4AF7-BD44-E7B83D8E4501}
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcmnfcusb; C:\Windows\System32\drivers\bcmnfcusb.sys [46176 2016-11-09] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-05-08] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
R3 DellRctl; C:\Windows\System32\drivers\DellRctl.sys [33616 2016-06-02] ()
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [70208 2016-05-19] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [65088 2016-05-19] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255272 2015-10-08] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-10-08] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-10-08] (ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [343608 2016-05-19] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [341256 2016-03-18] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2678792 2016-08-18] (Realtek Semiconductor Corp.)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [371352 2016-08-04] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [758488 2015-08-05] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [20064 2016-11-09] (Broadcom Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-09 10:57 - 2018-10-09 10:58 - 000020540 _____ C:\Users\durnad\Desktop\FRST.txt
2018-10-09 10:57 - 2018-10-09 10:57 - 000000000 ____D C:\FRST
2018-10-09 10:48 - 2018-10-09 10:57 - 002414592 _____ (Farbar) C:\Users\durnad\Desktop\FRST64.exe
2018-10-09 10:36 - 2018-10-09 10:36 - 000000000 ____D C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2018-10-08 20:42 - 2018-10-08 20:42 - 000478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\095D238F.sys
2018-10-08 20:42 - 2018-10-08 20:42 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\59924038.sys
2018-10-08 20:41 - 2018-10-08 20:42 - 000000000 ____D C:\KVRT_Data
2018-10-08 20:33 - 2018-10-08 20:34 - 000000000 ____D C:\AdwCleaner
2018-10-08 19:31 - 2018-10-08 19:31 - 000000000 ____D C:\Users\durnad\AppData\Local\ESET
2018-10-08 18:14 - 2018-10-08 20:41 - 147701544 _____ (AO Kaspersky Lab) C:\Users\durnad\Desktop\KVRT.exe
2018-10-08 18:14 - 2018-10-08 20:33 - 007592144 _____ (Malwarebytes) C:\Users\durnad\Desktop\adwcleaner_7.2.4.0.exe
2018-10-08 14:40 - 2018-10-08 15:50 - 000000000 ____D C:\Users\durnad\Documents\GTA San Andreas User Files
2018-10-08 14:40 - 2018-10-08 14:40 - 000000000 ____D C:\ProgramData\Caphyon
2018-10-08 14:37 - 2018-10-08 14:37 - 000000000 ____D C:\Program Files (x86)\Rockstar games
2018-10-04 09:38 - 2018-10-04 09:38 - 000358168 _____ C:\Users\durnad\Desktop\ZL DOTAZNÍK 2018.pdf
2018-10-04 08:35 - 2018-10-04 08:35 - 000002237 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-10-03 09:09 - 2018-10-03 09:09 - 000000000 ____D C:\Users\durnad\AppData\Local\Viber
2018-09-27 11:40 - 2018-09-27 11:40 - 000009032 _____ C:\Users\durnad\AppData\Local\recently-used.xbel
2018-09-26 14:50 - 2018-09-26 14:50 - 000000074 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-20 07:50 - 2018-09-20 07:50 - 000419842 _____ C:\Users\durnad\Desktop\Ubytování montážníci odjezd).pdf
2018-09-12 09:21 - 2018-09-12 09:21 - 000000000 _____ C:\Users\durnad\Documents\HPPW5775_Fax_Port
2018-09-10 19:01 - 2018-09-10 19:01 - 000000000 _____ C:\Windows\HPMProp.INI
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-09 10:54 - 2017-12-14 09:48 - 056140800 _____ C:\Users\durnad\Desktop\archive.pst
2018-10-09 10:54 - 2017-04-24 08:43 - 000000000 ____D C:\Users\durnad\Documents\Soubory aplikace Outlook
2018-10-09 10:47 - 2017-04-10 10:59 - 000000000 ____D C:\Users\durnad\AppData\LocalLow\Mozilla
2018-10-09 10:41 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-09 10:41 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-10-09 10:38 - 2017-04-28 09:17 - 000000000 ____D C:\ProgramData\firebird
2018-10-09 10:37 - 2018-08-16 16:40 - 000000000 ____D C:\Users\durnad\Documents\ViberDownloads
2018-10-09 10:37 - 2018-08-16 16:39 - 000000000 ____D C:\Users\durnad\AppData\Roaming\ViberPC
2018-10-09 10:36 - 2017-04-10 10:55 - 000000000 __SHD C:\Users\durnad\IntelGraphicsProfiles
2018-10-09 10:36 - 2017-04-10 10:24 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-09 06:42 - 2017-03-18 15:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-08 20:43 - 2017-03-18 15:41 - 004012250 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-08 20:43 - 2016-08-02 16:32 - 001719924 _____ C:\Windows\system32\perfh005.dat
2018-10-08 20:43 - 2016-08-02 16:32 - 000465472 _____ C:\Windows\system32\perfc005.dat
2018-10-08 20:37 - 2018-06-15 13:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-08 20:37 - 2017-03-18 15:44 - 000067257 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2018-10-08 20:37 - 2017-03-18 15:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-08 20:36 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-10-08 19:20 - 2017-09-10 15:30 - 000000000 ____D C:\Users\durnad\Desktop\Dominik Soukromé
2018-10-08 19:17 - 2017-04-10 10:55 - 000000000 ____D C:\Users\durnad\AppData\Local\Packages
2018-10-08 17:59 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-10-08 17:57 - 2017-03-18 16:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-08 17:51 - 2017-04-10 10:55 - 000000000 ____D C:\Users\durnad
2018-10-08 17:50 - 2017-04-10 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-08 17:50 - 2017-04-10 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-08 17:50 - 2017-03-18 15:26 - 000498136 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-08 14:46 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-10-08 14:44 - 2016-07-16 13:43 - 000471040 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2018-10-05 08:36 - 2018-07-12 21:42 - 000001503 _____ C:\Users\durnad\Desktop\SQL Ekonom.lnk
2018-10-05 08:35 - 2017-04-10 02:59 - 000000120 _____ C:\Windows\system32\config\netlogon.ftl
2018-10-04 08:37 - 2018-05-17 12:08 - 000004242 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-10-04 08:37 - 2017-03-18 15:49 - 000000000 ____D C:\ProgramData\PCDr
2018-10-04 08:35 - 2017-03-18 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-10-04 08:35 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-10-04 08:34 - 2017-06-28 12:07 - 000000000 ____D C:\ProgramData\SupportAssist
2018-10-04 08:30 - 2017-04-10 10:30 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 17:56 - 2017-04-10 11:44 - 000000000 ____D C:\Users\durnad\AppData\LocalLow\Adobe
2018-10-03 17:28 - 2017-04-10 10:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-03 17:25 - 2018-06-12 16:47 - 000000000 ____D C:\Users\durnad\Documents\SimCity 4
2018-10-03 10:40 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-03 10:38 - 2017-03-18 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-27 11:41 - 2017-05-02 14:39 - 000000000 ____D C:\Users\durnad\.gimp-2.8
2018-09-27 11:40 - 2017-05-02 14:42 - 000000000 ____D C:\Users\durnad\AppData\Local\gtk-2.0
2018-09-25 15:14 - 2017-11-13 09:34 - 000000000 ____D C:\Users\durnad\Desktop\Dokumentace pro Uralské Loko
2018-09-24 13:38 - 2017-04-10 10:06 - 000009160 __RSH C:\ProgramData\ntuser.pol
2018-09-23 13:33 - 2017-04-10 10:53 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-23 11:28 - 2018-03-02 08:51 - 000003360 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4106999633-2871329638-518651434-4360
2018-09-23 11:27 - 2017-04-10 10:57 - 000002392 _____ C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 11:27 - 2017-04-10 10:57 - 000000000 ___RD C:\Users\durnad\OneDrive
2018-09-21 09:31 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-09-18 22:32 - 2017-04-10 10:26 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-12 09:21 - 2017-04-11 14:16 - 000000000 ____D C:\Users\durnad\AppData\Local\HP
2018-09-12 09:03 - 2018-03-14 09:33 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-12 09:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-12 09:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-11 15:24 - 2017-04-10 02:44 - 000003276 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2018-09-10 19:00 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\spool
2018-09-09 20:20 - 2017-04-10 10:06 - 000000000 ____D C:\Users\tratadmin
2018-09-09 20:20 - 2017-04-10 02:39 - 000000000 ____D C:\Users\it
2018-09-09 20:20 - 2017-04-10 02:36 - 000000000 ____D C:\Users\defaultuser0
==================== Files in the root of some directories =======
2018-07-03 22:32 - 2018-08-09 15:49 - 000000000 _____ () C:\Users\durnad\AppData\Roaming\FileIn.cns
2018-07-03 22:32 - 2018-08-09 15:49 - 000000000 _____ () C:\Users\durnad\AppData\Roaming\FileOut.cns
2018-09-27 11:40 - 2018-09-27 11:40 - 000009032 _____ () C:\Users\durnad\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
2017-07-25 16:24 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\durnad\AppData\Local\Temp\AcDeltree.exe
2018-03-14 17:51 - 2018-03-14 17:51 - 000231936 _____ (Kerio Technologies Inc.) C:\Users\durnad\AppData\Local\Temp\KTOutlk.dll
2018-06-15 13:05 - 2018-06-15 13:05 - 000070160 _____ (ESET) C:\Users\durnad\AppData\Local\Temp\sha1sum.exe
2017-04-28 09:13 - 2017-04-28 09:13 - 000231936 _____ (Kerio Technologies Inc.) C:\Users\tratadmin\AppData\Local\Temp\KTOutlk.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-04 11:41
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by DurnaD (09-10-2018 10:59:00)
Running from C:\Users\durnad\Desktop
Windows 10 Pro Version 1607 14393.576 (X64) (2017-04-10 00:38:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3801480981-3194726390-2044637386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3801480981-3194726390-2044637386-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3801480981-3194726390-2044637386-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3801480981-3194726390-2044637386-501 - Limited - Disabled)
it (S-1-5-21-3801480981-3194726390-2044637386-1001 - Administrator - Enabled) => C:\Users\it
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{552523b2-40ad-46b3-94f6-2b99d0860d5c}) (Version: 18.40.0 - Intel Corporation)
Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{0F987BC2-6177-4A85-B441-BD26838242CE}) (Version: 4.5.17.305 - Broadcom Limited)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{50EF2C72-95EC-4206-AAC3-9E84004A6140}) (Version: 3.0.1.62 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.113 - ALPS ELECTRIC CO., LTD.)
Dell WLAN Radio Switch Driver (HKLM\...\{0C073C52-562D-4897-9839-5AE5405EC462}) (Version: 1.0.0.7 - Dell Inc.)
DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\{A10D72B9-9B20-47F8-AE4D-365BCC89F324}) (Version: 1.0.0.0 - Název společnosti:) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\InstallShield_{A10D72B9-9B20-47F8-AE4D-365BCC89F324}) (Version: 1.0.0.0 - Název společnosti:)
Empire Earth (HKLM-x32\...\{65B09E79-0187-4813-8258-03991132E5A5}) (Version: 2.0.0.0 - Název společnosti:) Hidden
Empire Earth (HKLM-x32\...\InstallShield_{65B09E79-0187-4813-8258-03991132E5A5}) (Version: 2.0.0.0 - Název společnosti:)
ESET Endpoint Antivirus (HKLM\...\{3F2F7E08-192B-4F74-A540-E61BB8CD2A1E}) (Version: 6.2.2033.1 - ESET, spol. s r.o.)
ESET Remote Administrator Agent (HKLM\...\{41F12F70-5FA9-43F5-94F4-53B54EB4EEC4}) (Version: 6.5.522.0 - ESET, spol. s r.o.)
Firebird 2.5.0.26074 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.0.26074 - Firebird Project)
Firebird/InterBase(r) ODBC driver 2.0 (HKLM-x32\...\Firebird ODBC Driver_is1) (Version: 2.0 - Firebird Project)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
GTA San Andreas CZ (HKLM-x32\...\GTA San Andreas CZ 1.3.0) (Version: 1.3.0 - Rockstar Games)
HP Dropbox Plugin (HKLM-x32\...\{C532369A-0DB2-4955-99C2-15711A0EBA11}) (Version: 36.0.49.62779 - HP)
HP Google Drive Plugin (HKLM-x32\...\{E7AA21C9-D2D2-4AE0-9F61-D2FC755C933E}) (Version: 36.0.49.62779 - HP)
HP OneDrive Plugin (HKLM-x32\...\{D153F4F6-A6A7-459C-86F0-306052B34665}) (Version: 36.0.0.0 - HP)
IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.903 - IBM Corp)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel(R) Network Connections 20.3.300.1 (HKLM\...\PROSetDX) (Version: 20.3.300.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A354DC98-2677-4967-8AA0-3B867EE10202}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kerio Connect (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\KerioConnect) (Version: 9.2.3.9362 - Kerio Technologies Inc.)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{4A365C62-0B2C-4A5F-ACED-4F059BDDAC59}) (Version: 9.2.3336 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{c5ca4ec3-10b2-4447-b323-8448aae57a0b}) (Version: 2.0.176 - Kerio Technologies, Inc.) <==== ATTENTION
LibreOffice 5.3.2.2 (HKLM-x32\...\{8DA98699-6AD4-49CF-A9A0-B5E7B7981BE6}) (Version: 5.3.2.2 - The Document Foundation)
Live for Speed (HKLM-x32\...\Live for Speed) (Version: 0.6G - Jimbo)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
McAfee True Key (HKLM\...\TrueKey) (Version: 5.0.150.1 - McAfee)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
PowerKey 3.0 (HKLM-x32\...\PowerKey3.0) (Version: - )
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6111 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com)
SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0071 - ST Microelectronics)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Trainz Simulator 2009: World Builder Edition (HKLM-x32\...\AuranTS2009_is1) (Version: - Auran)
Viber (HKLM-x32\...\{FF0EABB8-2954-496B-8F2C-ADC004DFB39C}) (Version: 9.4.0.13 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\{4145fbea-95a1-4c9d-a22e-809f70175be0}) (Version: 9.4.0.13 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Warcraft III - Gold Edition verze 1.26 (HKLM-x32\...\{1DD8BB83-A075-4F9B-9F24-9383BC647D65}_is1) (Version: 1.26 - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Základní software zařízení HP Officejet Pro X576dw MFP (HKLM\...\{D98DDEDB-CE21-42EE-8BDB-02ED2395D06C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Základní software zařízení HP PageWide MFP P57750 (HKLM\...\{BD4A2FF8-641B-4360-8ED4-BF8B867F1412}) (Version: 39.4.1978.16350 - HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{CBBF6A46-87BC-A0B6-0D2E-2BB5531C96D3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08C9FCAA-FDE2-40FD-9466-0A73FE347F48} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {198FA073-AECE-40F4-B292-4997D6E3B425} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {1B8C2E07-A066-48AF-B670-3D8319A0E5E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-03] (Microsoft Corporation)
Task: {206DEBD1-0041-495E-9127-A3DE1CBECE6B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {3061E025-2BD5-4403-956D-C2EC2D04DEC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {332EC765-CC61-4259-AB33-FD31A6F6F9AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {36511363-C79D-406C-B7FE-21B68CCCABC4} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-09-07] (Dell Inc.)
Task: {4655C382-B0A9-4376-A9DC-8582A4498D3A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-08-18] (Realtek Semiconductor)
Task: {4F39A6DC-1EC7-4D5A-84A1-CF05D16DC911} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {5E8B2054-CD45-4AD0-AF2F-5E28331416E2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-03] (Microsoft Corporation)
Task: {76725CB1-274C-419D-8068-72D90C912734} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-03] (Microsoft Corporation)
Task: {82F22249-9BC4-4179-8734-65682B9464E2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {9408B5B4-7104-47EA-8DE5-33DAC593C1A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-10] (Google Inc.)
Task: {97BD698F-AFBD-43E8-B481-EC9FD8F5E08C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-02-27] (McAfee, Inc.)
Task: {A0D4F310-7D43-4B96-88EA-D049407A3EA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-10] (Google Inc.)
Task: {BBD50DF2-7156-4360-9E50-F1EA2E04A05C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {C2D039E6-3FC2-4112-8CA6-47CA8895A154} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-03] (Microsoft Corporation)
Task: {F646C284-D5D2-4E5E-B910-D6984C73B724} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer:
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer:
Shortcut: C:\Users\durnad\AppData\Roaming\Microsoft\Word\Статус%20выполнения%20по%20проектно-поэтапному%20п306848901688930916\Статус%20выполнения%20по%20проектно-поэтапному%20плану%20по%20унив.%20сан.комплексу%20от%20TRATEC.doc.lnk -> [LF `N"|5pu6l4U//D:\tY^Hg3(w,/J>Vh6 !B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.doc.!B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.doc>$$5:<D:\?????? ?????????? ?? ????????-?????????? ????? ?? ????. ???.????????? ?? TRATEC.docD:\!B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.docNejnovja verze12] (No File) <==== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 15:44 - 2016-11-09 08:37 - 000254464 _____ () C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
2016-06-02 11:23 - 2016-06-02 11:23 - 000524352 _____ () c:\Dell\Sytem64Folder\DellRctlService.exe
2018-10-04 08:36 - 2018-10-04 08:36 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\libprotobuf.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 002681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-03-18 23:53 - 2016-10-25 05:09 - 000384496 _____ () C:\Windows\system32\igfxTray.exe
2017-03-19 00:18 - 2017-03-19 00:18 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-08-05 22:24 - 2018-08-06 18:30 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\skypert.dll
2018-08-05 22:24 - 2018-08-05 22:24 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000361984 _____ () C:\Windows\SYSTEM32\HrtfApo.dll
2017-09-27 23:37 - 2017-09-27 23:37 - 000073928 _____ () C:\Program Files (x86)\Kerio\UpdaterService\ktzlib100_1.2.8.dll
2016-05-02 15:46 - 2016-05-02 15:46 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-09-04 21:34 - 2015-09-04 21:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-27 23:34 - 2017-09-27 23:34 - 000073928 _____ () C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\ktzlib100_1.2.8.dll
2017-09-27 23:34 - 2017-09-27 23:34 - 000297656 _____ () C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\gmime.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Control Panel\Desktop\\Wallpaper -> C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{48A1358E-A01B-49D2-8C10-2F25FD11E2F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{BE40AF96-4976-4628-9E90-3D05E5293EDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF79046D-E614-48FD-88A3-527678B6D77F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BADD556D-583F-4E24-85D5-94031C159B30}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\FaxApplications.exe
FirewallRules: [{861B21A2-93E2-4293-84E2-66F365818F77}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\DigitalWizards.exe
FirewallRules: [{8B9D14FE-775F-4B13-BFEE-955E5157F716}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\SendAFax.exe
FirewallRules: [{02000F51-CA96-4D7F-8110-E1C8E32ECAD3}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\DeviceSetup.exe
FirewallRules: [{8D026618-6C09-440D-A146-14C0E5CF20D3}] => (Allow) LPort=5357
FirewallRules: [{B823ACFC-F245-448C-9964-C9F43A8B2A2B}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{877B71B5-1DDF-4C2F-BC6D-5FF570CC8D8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B8EFE7A2-500B-495E-B27F-4346B34D87CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3CD53DFB-16D4-4F96-82E1-1F58B9DB64A7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7CBEA17D-7BF7-4817-A525-5F54B6D5B767}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E390A422-5798-4889-A319-B2699031C5C9}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{BADC76D9-F48A-4314-AD67-173A32F7CA87}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{E8D289C8-79B5-45D5-B452-E9A742CDE089}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{F289773E-500F-4732-B214-BF2773723939}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{C4D325FD-43DD-451F-BFAB-0B86DC804845}C:\program files (x86)\train simulator\train simulator 2017\railworks.exe] => (Block) C:\program files (x86)\train simulator\train simulator 2017\railworks.exe
FirewallRules: [UDP Query User{B88A16F0-B538-411E-919A-9292556F481B}C:\program files (x86)\train simulator\train simulator 2017\railworks.exe] => (Block) C:\program files (x86)\train simulator\train simulator 2017\railworks.exe
FirewallRules: [TCP Query User{E1324EE3-B5ED-41B4-8D81-49BF35330E99}C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Block) C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe
FirewallRules: [UDP Query User{6C858F97-EB76-4B01-94A6-289B02ED0EF4}C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Block) C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe
FirewallRules: [TCP Query User{4BA50885-B820-4E69-A095-2D40DF729240}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [UDP Query User{5233151F-A8F0-4E15-A45E-3920354B117E}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [{BB529979-7A12-475B-853E-43AB04FA93AA}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\FaxApplications.exe
FirewallRules: [{2400020A-E7DD-4D35-8839-13DB5B8E3B11}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\DigitalWizards.exe
FirewallRules: [{25540852-F709-4347-8B9E-C447CAB6BA96}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\SendAFax.exe
FirewallRules: [{584541A7-B030-4528-8631-63A4A6525B17}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\FaxPrinterUtility.exe
FirewallRules: [{1C61F5F7-6FCD-4E31-8124-FA8FD54FF5A5}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\Bin\DeviceSetup.exe
FirewallRules: [{DB72C0BF-7CA4-42B0-945D-DCDC4F70FBF0}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{AC067B7B-8E7E-4108-AD13-EBEF78EB4A6D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8BF4A2CC-37F9-4C7F-954D-CEA27AED5128}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F2F9AB30-0D6D-4913-A8F7-B93D5F39B7BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{578E3637-BE6E-4AF4-9743-420FDCEF23CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BB318252-FC95-4916-B77C-AD3E643E185E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FA451DEB-13D5-4F53-A21E-7DD71FE99BA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
02-10-2018 09:54:45 Naplánovaný kontrolní bod
08-10-2018 14:40:44 Instalační služba modulů systému Windows
08-10-2018 14:41:58 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2018 10:39:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/09/2018 10:38:21 AM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
Error: (10/08/2018 08:37:11 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:37:10 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:37:09 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:26:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TRATEC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/08/2018 07:22:26 PM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
Error: (10/08/2018 06:34:21 PM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
System errors:
=============
Error: (10/09/2018 10:39:21 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně TRATEC z následujícího důvodu:
Pro vyřízení žádosti o přihlášení nejsou nyní k dispozici žádné přihlašovací servery.
To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.
DALŠÍ INFORMACE
Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.
Error: (10/09/2018 10:36:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: TRATEC)
Description: Selhání 1.
Název objektu zásad skupiny: MAPDRIVE-PRINTER-SHORTCUT
Cesta k objektu zásad skupiny: \\TRATEC.local\SysVol\TRATEC.local\Policies\{1EC5D8BD-49C1-4C79-B691-EE65F18D4BA8}\User
Název skriptu: \\s2008-02\VYROBA\!!\epc_log\testpc.vbs
Error: (10/09/2018 10:36:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: TRATEC)
Description: Selhání 1.
Název objektu zásad skupiny: Default Domain Policy
Cesta k objektu zásad skupiny: \\TRATEC.local\sysvol\TRATEC.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\User
Název skriptu: start.cmd
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2017-04-10 10:34:11.428
Description:
Virtuální počítač Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\tratadmin\Downloads\kerio-connect-koff-9.2.2-2831-p1-win64.msi
Sha256: a437757833b20c8c58a3ccf7b9feac4fb497c58b8519bea1b0c8b1a5973511dd
Aktuální verze podpisu: AV: 1.239.1181.0, AS: 1.239.1181.0
Aktuální verze modulu: 1.1.13601.0
Kód chyby: 0x80078032
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 8074.95 MB
Available physical RAM: 4279.1 MB
Total Virtual: 9354.95 MB
Available Virtual: 5011.17 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.11 GB) (Free:190.99 GB) NTFS
\\?\Volume{6eb99678-1420-4331-8c48-c938897dab91}\ (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS
\\?\Volume{84262ddf-8896-47b0-add7-4fd4fbcb9972}\ (Image) (Fixed) (Total:8.59 GB) (Free:0.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 43969A7D)
Partition: GPT.
==================== End of Addition.txt ============================
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by DurnaD (administrator) on NB-029 (09-10-2018 10:57:59)
Running from C:\Users\durnad\Desktop
Loaded Profiles: DurnaD (Available Profiles: defaultuser0 & it & DurnaD)
Platform: Windows 10 Pro Version 1607 14393.576 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostControlService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\CV\bin\HostStorageService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
() C:\Dell\Sytem64Folder\DellRctlService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\DSAPI.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\pcdrwi.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(McAfee, LLC.) C:\Program Files\TrueKey\McAfee.TrueKey.SmartMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(HP Inc.) C:\Program Files\HP\HP PageWide MFP P57750\Bin\ScanToPCActivationApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\KoffBackend.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(HP Inc.) C:\Program Files\HP\HP PageWide MFP P57750\Bin\HPNetworkCommunicatorCom.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [754984 2016-05-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8822016 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-08-18] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [724400 2016-07-24] (Waves Audio Ltd.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\Run: [Viber] => C:\Users\durnad\AppData\Local\Viber\Viber.exe [35828808 2018-09-27] (Viber Media S.Ã r.l.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\Run: [HP PageWide MFP P57750 (NET)] => C:\Program Files\HP\HP PageWide MFP P57750\Bin\ScanToPCActivationApp.exe [3764360 2016-12-15] (HP Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-16] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1d84b795-4db9-4dd1-8ea2-daf251c89a23}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a88191eb-159f-4bdf-80b5-82d2a3c12597}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-4106999633-2871329638-518651434-4360 -> DefaultScope {92B29637-FFC4-420B-B6FA-A608E6B6BF20} URL =
SearchScopes: HKU\S-1-5-21-4106999633-2871329638-518651434-4360 -> {92B29637-FFC4-420B-B6FA-A608E6B6BF20} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-09-27] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-03] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6ffi3ux2.default
FF ProfilePath: C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default [2018-10-09]
FF Homepage: Mozilla\Firefox\Profiles\6ffi3ux2.default -> hxxps://www.google.cz
FF NewTab: Mozilla\Firefox\Profiles\6ffi3ux2.default -> chrome://fvd.speeddial/content/fvd_about_blank.html
FF NewTabOverride: Mozilla\Firefox\Profiles\6ffi3ux2.default -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\Extensions\pavel.sherbakov@gmail.com.xpi [2018-10-06]
FF Extension: (Firefox Monitor) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\features\{6ecd7c32-49e5-4fb5-be14-04ea4c115118}\fxmonitor@mozilla.org.xpi [2018-10-04]
FF Extension: (Telemetry coverage) - C:\Users\durnad\AppData\Roaming\Mozilla\Firefox\Profiles\6ffi3ux2.default\features\{6ecd7c32-49e5-4fb5-be14-04ea4c115118}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWoW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default [2018-06-20]
CHR Extension: (Slides) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-20]
CHR Extension: (Docs) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-20]
CHR Extension: (Google Drive) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-03]
CHR Extension: (YouTube) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-03]
CHR Extension: (Sheets) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-20]
CHR Extension: (Google Docs Offline) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-06-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-20]
CHR Extension: (Gmail) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-03]
CHR Extension: (Chrome Media Router) - C:\Users\durnad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-05-17] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9680472 2018-09-26] (Microsoft Corporation)
S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [431088 2016-10-25] (Intel Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc.)
S4 dcu-oobe; C:\Program Files (x86)\Dell\CommandUpdate\OobeService.exe [84408 2016-06-07] (Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2018-05-09] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3350512 2018-05-09] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2018-05-09] (Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\DSAPI.exe [939328 2018-10-04] (PC-Doctor, Inc.)
R2 DellRctlService; c:\Dell\Sytem64Folder\DellRctlService.exe [524352 2016-06-02] ()
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-10-02] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1576712 2015-10-02] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1680000 2017-02-21] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [182984 2015-10-02] (ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-04] (Intel Corporation)
R2 hostcontrolsvc; C:\Program Files\Broadcom\CV\bin\HostControlService.exe [1038336 2016-11-09] (Broadcom Corporation)
R2 hoststoragesvc; C:\Program Files\Broadcom\CV\bin\HostStorageService.exe [42496 2016-11-09] (Broadcom Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [172272 2016-03-15] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [356336 2016-10-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-09-04] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [982224 2017-09-27] (Kerio Technologies Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-08-18] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2017-03-19] (Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38872 2018-09-07] (Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-08-13] (TeamViewer GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] (McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] (McAfee, LLC.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] (McAfee, Inc.)
R2 ushupgradesvc; C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe [254464 2016-11-09] ()
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [613296 2016-06-14] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{2A54C219-8CF3-4AF7-BD44-E7B83D8E4501}
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcmnfcusb; C:\Windows\System32\drivers\bcmnfcusb.sys [46176 2016-11-09] (Broadcom Corporation.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2018-05-08] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
R3 DellRctl; C:\Windows\System32\drivers\DellRctl.sys [33616 2016-06-02] ()
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [70208 2016-05-19] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [65088 2016-05-19] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255272 2015-10-08] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-10-08] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [169744 2015-10-08] (ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [343608 2016-05-19] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [341256 2016-03-18] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2678792 2016-08-18] (Realtek Semiconductor Corp.)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [371352 2016-08-04] (ASIX Electronics Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [758488 2015-08-05] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [20064 2016-11-09] (Broadcom Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-09 10:57 - 2018-10-09 10:58 - 000020540 _____ C:\Users\durnad\Desktop\FRST.txt
2018-10-09 10:57 - 2018-10-09 10:57 - 000000000 ____D C:\FRST
2018-10-09 10:48 - 2018-10-09 10:57 - 002414592 _____ (Farbar) C:\Users\durnad\Desktop\FRST64.exe
2018-10-09 10:36 - 2018-10-09 10:36 - 000000000 ____D C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2018-10-08 20:42 - 2018-10-08 20:42 - 000478392 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\095D238F.sys
2018-10-08 20:42 - 2018-10-08 20:42 - 000085600 ____N (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\59924038.sys
2018-10-08 20:41 - 2018-10-08 20:42 - 000000000 ____D C:\KVRT_Data
2018-10-08 20:33 - 2018-10-08 20:34 - 000000000 ____D C:\AdwCleaner
2018-10-08 19:31 - 2018-10-08 19:31 - 000000000 ____D C:\Users\durnad\AppData\Local\ESET
2018-10-08 18:14 - 2018-10-08 20:41 - 147701544 _____ (AO Kaspersky Lab) C:\Users\durnad\Desktop\KVRT.exe
2018-10-08 18:14 - 2018-10-08 20:33 - 007592144 _____ (Malwarebytes) C:\Users\durnad\Desktop\adwcleaner_7.2.4.0.exe
2018-10-08 14:40 - 2018-10-08 15:50 - 000000000 ____D C:\Users\durnad\Documents\GTA San Andreas User Files
2018-10-08 14:40 - 2018-10-08 14:40 - 000000000 ____D C:\ProgramData\Caphyon
2018-10-08 14:37 - 2018-10-08 14:37 - 000000000 ____D C:\Program Files (x86)\Rockstar games
2018-10-04 09:38 - 2018-10-04 09:38 - 000358168 _____ C:\Users\durnad\Desktop\ZL DOTAZNÍK 2018.pdf
2018-10-04 08:35 - 2018-10-04 08:35 - 000002237 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002561 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002527 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-03 10:39 - 2018-10-03 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-10-03 09:09 - 2018-10-03 09:09 - 000000000 ____D C:\Users\durnad\AppData\Local\Viber
2018-09-27 11:40 - 2018-09-27 11:40 - 000009032 _____ C:\Users\durnad\AppData\Local\recently-used.xbel
2018-09-26 14:50 - 2018-09-26 14:50 - 000000074 _____ C:\Windows\SysWOW64\SmartFlow.txt
2018-09-20 07:50 - 2018-09-20 07:50 - 000419842 _____ C:\Users\durnad\Desktop\Ubytování montážníci odjezd).pdf
2018-09-12 09:21 - 2018-09-12 09:21 - 000000000 _____ C:\Users\durnad\Documents\HPPW5775_Fax_Port
2018-09-10 19:01 - 2018-09-10 19:01 - 000000000 _____ C:\Windows\HPMProp.INI
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-09 10:54 - 2017-12-14 09:48 - 056140800 _____ C:\Users\durnad\Desktop\archive.pst
2018-10-09 10:54 - 2017-04-24 08:43 - 000000000 ____D C:\Users\durnad\Documents\Soubory aplikace Outlook
2018-10-09 10:47 - 2017-04-10 10:59 - 000000000 ____D C:\Users\durnad\AppData\LocalLow\Mozilla
2018-10-09 10:41 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-09 10:41 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\AppReadiness
2018-10-09 10:38 - 2017-04-28 09:17 - 000000000 ____D C:\ProgramData\firebird
2018-10-09 10:37 - 2018-08-16 16:40 - 000000000 ____D C:\Users\durnad\Documents\ViberDownloads
2018-10-09 10:37 - 2018-08-16 16:39 - 000000000 ____D C:\Users\durnad\AppData\Roaming\ViberPC
2018-10-09 10:36 - 2017-04-10 10:55 - 000000000 __SHD C:\Users\durnad\IntelGraphicsProfiles
2018-10-09 10:36 - 2017-04-10 10:24 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-09 06:42 - 2017-03-18 15:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-10-08 20:43 - 2017-03-18 15:41 - 004012250 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-08 20:43 - 2016-08-02 16:32 - 001719924 _____ C:\Windows\system32\perfh005.dat
2018-10-08 20:43 - 2016-08-02 16:32 - 000465472 _____ C:\Windows\system32\perfc005.dat
2018-10-08 20:37 - 2018-06-15 13:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-10-08 20:37 - 2017-03-18 15:44 - 000067257 _____ C:\Windows\system32\CVFirmwareUpgradeLog.txt
2018-10-08 20:37 - 2017-03-18 15:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-08 20:36 - 2016-07-16 08:04 - 000786432 _____ C:\Windows\system32\config\BBI
2018-10-08 19:20 - 2017-09-10 15:30 - 000000000 ____D C:\Users\durnad\Desktop\Dominik Soukromé
2018-10-08 19:17 - 2017-04-10 10:55 - 000000000 ____D C:\Users\durnad\AppData\Local\Packages
2018-10-08 17:59 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\LiveKernelReports
2018-10-08 17:57 - 2017-03-18 16:17 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-08 17:51 - 2017-04-10 10:55 - 000000000 ____D C:\Users\durnad
2018-10-08 17:50 - 2017-04-10 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-08 17:50 - 2017-04-10 10:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-08 17:50 - 2017-03-18 15:26 - 000498136 _____ C:\Windows\system32\FNTCACHE.DAT
2018-10-08 14:46 - 2016-07-16 13:36 - 000000000 ____D C:\Windows\CbsTemp
2018-10-08 14:44 - 2016-07-16 13:43 - 000471040 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2018-10-08 14:44 - 2016-07-16 13:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnlobby.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000006144 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2018-10-08 14:44 - 2016-07-16 13:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2018-10-05 08:36 - 2018-07-12 21:42 - 000001503 _____ C:\Users\durnad\Desktop\SQL Ekonom.lnk
2018-10-05 08:35 - 2017-04-10 02:59 - 000000120 _____ C:\Windows\system32\config\netlogon.ftl
2018-10-04 08:37 - 2018-05-17 12:08 - 000004242 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-10-04 08:37 - 2017-03-18 15:49 - 000000000 ____D C:\ProgramData\PCDr
2018-10-04 08:35 - 2017-03-18 15:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-10-04 08:35 - 2016-07-16 13:45 - 000000000 ____D C:\Windows\INF
2018-10-04 08:34 - 2017-06-28 12:07 - 000000000 ____D C:\ProgramData\SupportAssist
2018-10-04 08:30 - 2017-04-10 10:30 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-10-03 17:56 - 2017-04-10 11:44 - 000000000 ____D C:\Users\durnad\AppData\LocalLow\Adobe
2018-10-03 17:28 - 2017-04-10 10:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-03 17:25 - 2018-06-12 16:47 - 000000000 ____D C:\Users\durnad\Documents\SimCity 4
2018-10-03 10:40 - 2016-07-16 13:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-03 10:38 - 2017-03-18 15:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-09-27 11:41 - 2017-05-02 14:39 - 000000000 ____D C:\Users\durnad\.gimp-2.8
2018-09-27 11:40 - 2017-05-02 14:42 - 000000000 ____D C:\Users\durnad\AppData\Local\gtk-2.0
2018-09-25 15:14 - 2017-11-13 09:34 - 000000000 ____D C:\Users\durnad\Desktop\Dokumentace pro Uralské Loko
2018-09-24 13:38 - 2017-04-10 10:06 - 000009160 __RSH C:\ProgramData\ntuser.pol
2018-09-23 13:33 - 2017-04-10 10:53 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-09-23 11:28 - 2018-03-02 08:51 - 000003360 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4106999633-2871329638-518651434-4360
2018-09-23 11:27 - 2017-04-10 10:57 - 000002392 _____ C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 11:27 - 2017-04-10 10:57 - 000000000 ___RD C:\Users\durnad\OneDrive
2018-09-21 09:31 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\NDF
2018-09-18 22:32 - 2017-04-10 10:26 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-12 09:21 - 2017-04-11 14:16 - 000000000 ____D C:\Users\durnad\AppData\Local\HP
2018-09-12 09:03 - 2018-03-14 09:33 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-09-12 09:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-09-12 09:03 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\Macromed
2018-09-11 15:24 - 2017-04-10 02:44 - 000003276 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2018-09-10 19:00 - 2016-07-16 13:47 - 000000000 ____D C:\Windows\system32\spool
2018-09-09 20:20 - 2017-04-10 10:06 - 000000000 ____D C:\Users\tratadmin
2018-09-09 20:20 - 2017-04-10 02:39 - 000000000 ____D C:\Users\it
2018-09-09 20:20 - 2017-04-10 02:36 - 000000000 ____D C:\Users\defaultuser0
==================== Files in the root of some directories =======
2018-07-03 22:32 - 2018-08-09 15:49 - 000000000 _____ () C:\Users\durnad\AppData\Roaming\FileIn.cns
2018-07-03 22:32 - 2018-08-09 15:49 - 000000000 _____ () C:\Users\durnad\AppData\Roaming\FileOut.cns
2018-09-27 11:40 - 2018-09-27 11:40 - 000009032 _____ () C:\Users\durnad\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
2017-07-25 16:24 - 2017-01-18 13:50 - 000066472 _____ (Autodesk, Inc.) C:\Users\durnad\AppData\Local\Temp\AcDeltree.exe
2018-03-14 17:51 - 2018-03-14 17:51 - 000231936 _____ (Kerio Technologies Inc.) C:\Users\durnad\AppData\Local\Temp\KTOutlk.dll
2018-06-15 13:05 - 2018-06-15 13:05 - 000070160 _____ (ESET) C:\Users\durnad\AppData\Local\Temp\sha1sum.exe
2017-04-28 09:13 - 2017-04-28 09:13 - 000231936 _____ (Kerio Technologies Inc.) C:\Users\tratadmin\AppData\Local\Temp\KTOutlk.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-04 11:41
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by DurnaD (09-10-2018 10:59:00)
Running from C:\Users\durnad\Desktop
Windows 10 Pro Version 1607 14393.576 (X64) (2017-04-10 00:38:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3801480981-3194726390-2044637386-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3801480981-3194726390-2044637386-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3801480981-3194726390-2044637386-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3801480981-3194726390-2044637386-501 - Limited - Disabled)
it (S-1-5-21-3801480981-3194726390-2044637386-1001 - Administrator - Enabled) => C:\Users\it
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.2.2033.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{552523b2-40ad-46b3-94f6-2b99d0860d5c}) (Version: 18.40.0 - Intel Corporation)
Autodesk DWG TrueView 2018 - English (HKLM\...\DWG TrueView 2018 - English) (Version: 22.0.50.0 - Autodesk)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.2.0 - Dell Inc.)
Dell ControlVault Host Components Installer 64 bit (HKLM\...\{0F987BC2-6177-4A85-B441-BD26838242CE}) (Version: 4.5.17.305 - Broadcom Limited)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{50EF2C72-95EC-4206-AAC3-9E84004A6140}) (Version: 3.0.1.62 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.113 - ALPS ELECTRIC CO., LTD.)
Dell WLAN Radio Switch Driver (HKLM\...\{0C073C52-562D-4897-9839-5AE5405EC462}) (Version: 1.0.0.7 - Dell Inc.)
DWG TrueView 2018 - English (HKLM\...\{28B89EEF-1028-0409-0100-CF3F3A09B77D}) (Version: 22.0.50.0 - Autodesk) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\{A10D72B9-9B20-47F8-AE4D-365BCC89F324}) (Version: 1.0.0.0 - Název společnosti:) Hidden
Empire Earth - The Art of Conquest (HKLM-x32\...\InstallShield_{A10D72B9-9B20-47F8-AE4D-365BCC89F324}) (Version: 1.0.0.0 - Název společnosti:)
Empire Earth (HKLM-x32\...\{65B09E79-0187-4813-8258-03991132E5A5}) (Version: 2.0.0.0 - Název společnosti:) Hidden
Empire Earth (HKLM-x32\...\InstallShield_{65B09E79-0187-4813-8258-03991132E5A5}) (Version: 2.0.0.0 - Název společnosti:)
ESET Endpoint Antivirus (HKLM\...\{3F2F7E08-192B-4F74-A540-E61BB8CD2A1E}) (Version: 6.2.2033.1 - ESET, spol. s r.o.)
ESET Remote Administrator Agent (HKLM\...\{41F12F70-5FA9-43F5-94F4-53B54EB4EEC4}) (Version: 6.5.522.0 - ESET, spol. s r.o.)
Firebird 2.5.0.26074 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.0.26074 - Firebird Project)
Firebird/InterBase(r) ODBC driver 2.0 (HKLM-x32\...\Firebird ODBC Driver_is1) (Version: 2.0 - Firebird Project)
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
GTA San Andreas CZ (HKLM-x32\...\GTA San Andreas CZ 1.3.0) (Version: 1.3.0 - Rockstar Games)
HP Dropbox Plugin (HKLM-x32\...\{C532369A-0DB2-4955-99C2-15711A0EBA11}) (Version: 36.0.49.62779 - HP)
HP Google Drive Plugin (HKLM-x32\...\{E7AA21C9-D2D2-4AE0-9F61-D2FC755C933E}) (Version: 36.0.49.62779 - HP)
HP OneDrive Plugin (HKLM-x32\...\{D153F4F6-A6A7-459C-86F0-306052B34665}) (Version: 36.0.0.0 - HP)
IBM SPSS Statistics Subscription (HKLM\...\{02D81DCC-13D1-465C-9292-E46956489CA1}) (Version: 1.0.0.903 - IBM Corp)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1167 - Intel Corporation)
Intel(R) Network Connections 20.3.300.1 (HKLM\...\PROSetDX) (Version: 20.3.300.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.2.1030 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A354DC98-2677-4967-8AA0-3B867EE10202}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kerio Connect (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\KerioConnect) (Version: 9.2.3.9362 - Kerio Technologies Inc.)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{4A365C62-0B2C-4A5F-ACED-4F059BDDAC59}) (Version: 9.2.3336 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{c5ca4ec3-10b2-4447-b323-8448aae57a0b}) (Version: 2.0.176 - Kerio Technologies, Inc.) <==== ATTENTION
LibreOffice 5.3.2.2 (HKLM-x32\...\{8DA98699-6AD4-49CF-A9A0-B5E7B7981BE6}) (Version: 5.3.2.2 - The Document Foundation)
Live for Speed (HKLM-x32\...\Live for Speed) (Version: 0.6G - Jimbo)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.8627.1 - Waves Audio Ltd.) Hidden
McAfee True Key (HKLM\...\TrueKey) (Version: 5.0.150.1 - McAfee)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.10827.20138 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10827.20138 - Microsoft Corporation) Hidden
PowerKey 3.0 (HKLM-x32\...\PowerKey3.0) (Version: - )
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6111 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com)
SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0071 - ST Microelectronics)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.14327 - TeamViewer)
Trainz Simulator 2009: World Builder Edition (HKLM-x32\...\AuranTS2009_is1) (Version: - Auran)
Viber (HKLM-x32\...\{FF0EABB8-2954-496B-8F2C-ADC004DFB39C}) (Version: 9.4.0.13 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-4106999633-2871329638-518651434-4360\...\{4145fbea-95a1-4c9d-a22e-809f70175be0}) (Version: 9.4.0.13 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Warcraft III - Gold Edition verze 1.26 (HKLM-x32\...\{1DD8BB83-A075-4F9B-9F24-9383BC647D65}_is1) (Version: 1.26 - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Základní software zařízení HP Officejet Pro X576dw MFP (HKLM\...\{D98DDEDB-CE21-42EE-8BDB-02ED2395D06C}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
Základní software zařízení HP PageWide MFP P57750 (HKLM\...\{BD4A2FF8-641B-4360-8ED4-BF8B867F1412}) (Version: 39.4.1978.16350 - HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2016 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2018 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-4106999633-2871329638-518651434-4360_Classes\CLSID\{CBBF6A46-87BC-A0B6-0D2E-2BB5531C96D3}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-15] (Autodesk, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-15] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2015-10-02] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08C9FCAA-FDE2-40FD-9466-0A73FE347F48} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [2016-09-14] ()
Task: {198FA073-AECE-40F4-B292-4997D6E3B425} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {1B8C2E07-A066-48AF-B670-3D8319A0E5E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-03] (Microsoft Corporation)
Task: {206DEBD1-0041-495E-9127-A3DE1CBECE6B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWoW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {3061E025-2BD5-4403-956D-C2EC2D04DEC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {332EC765-CC61-4259-AB33-FD31A6F6F9AD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {36511363-C79D-406C-B7FE-21B68CCCABC4} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [2018-09-07] (Dell Inc.)
Task: {4655C382-B0A9-4376-A9DC-8582A4498D3A} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-08-18] (Realtek Semiconductor)
Task: {4F39A6DC-1EC7-4D5A-84A1-CF05D16DC911} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.EXE /NOUACCHECK
Task: {5E8B2054-CD45-4AD0-AF2F-5E28331416E2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-03] (Microsoft Corporation)
Task: {76725CB1-274C-419D-8068-72D90C912734} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-03] (Microsoft Corporation)
Task: {82F22249-9BC4-4179-8734-65682B9464E2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-26] (Microsoft Corporation)
Task: {9408B5B4-7104-47EA-8DE5-33DAC593C1A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-10] (Google Inc.)
Task: {97BD698F-AFBD-43E8-B481-EC9FD8F5E08C} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-02-27] (McAfee, Inc.)
Task: {A0D4F310-7D43-4B96-88EA-D049407A3EA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-10] (Google Inc.)
Task: {BBD50DF2-7156-4360-9E50-F1EA2E04A05C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {C2D039E6-3FC2-4112-8CA6-47CA8895A154} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-03] (Microsoft Corporation)
Task: {F646C284-D5D2-4E5E-B910-D6984C73B724} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerAlertEventConsumer:
WMI_ActiveScriptEventConsumer_DellCommandPowerManagerPolicyChangeEventConsumer:
Shortcut: C:\Users\durnad\AppData\Roaming\Microsoft\Word\Статус%20выполнения%20по%20проектно-поэтапному%20п306848901688930916\Статус%20выполнения%20по%20проектно-поэтапному%20плану%20по%20унив.%20сан.комплексу%20от%20TRATEC.doc.lnk -> [LF `N"|5pu6l4U//D:\tY^Hg3(w,/J>Vh6 !B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.doc.!B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.doc>$$5:<D:\?????? ?????????? ?? ????????-?????????? ????? ?? ????. ???.????????? ?? TRATEC.docD:\!B0BCA 2K?>;=5=8O ?> ?@>5:B=>-?>MB0?=><C ?;0=C ?> C=82. A0=.:><?;5:AC >B TRATEC.docNejnovja verze12] (No File) <==== Cyrillic
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 15:44 - 2016-11-09 08:37 - 000254464 _____ () C:\Program Files\Broadcom\CV\bin\UshUpgradeService.exe
2016-06-02 11:23 - 2016-06-02 11:23 - 000524352 _____ () c:\Dell\Sytem64Folder\DellRctlService.exe
2018-10-04 08:36 - 2018-10-04 08:36 - 002587968 _____ () C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1338\libprotobuf.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 002681200 _____ () C:\Windows\System32\CoreUIComponents.dll
2017-03-18 23:53 - 2016-10-25 05:09 - 000384496 _____ () C:\Windows\system32\igfxTray.exe
2017-03-19 00:18 - 2017-03-19 00:18 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-19 00:18 - 2017-03-19 00:18 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-08-05 22:24 - 2018-08-06 18:30 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-08-05 22:24 - 2018-08-06 18:30 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\skypert.dll
2018-08-05 22:24 - 2018-08-05 22:24 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 000361984 _____ () C:\Windows\SYSTEM32\HrtfApo.dll
2017-09-27 23:37 - 2017-09-27 23:37 - 000073928 _____ () C:\Program Files (x86)\Kerio\UpdaterService\ktzlib100_1.2.8.dll
2016-05-02 15:46 - 2016-05-02 15:46 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2015-09-04 21:34 - 2015-09-04 21:34 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-27 23:34 - 2017-09-27 23:34 - 000073928 _____ () C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\ktzlib100_1.2.8.dll
2017-09-27 23:34 - 2017-09-27 23:34 - 000297656 _____ () C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\gmime.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4106999633-2871329638-518651434-4360\Control Panel\Desktop\\Wallpaper -> C:\Users\durnad\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{48A1358E-A01B-49D2-8C10-2F25FD11E2F0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{BE40AF96-4976-4628-9E90-3D05E5293EDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BF79046D-E614-48FD-88A3-527678B6D77F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BADD556D-583F-4E24-85D5-94031C159B30}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\FaxApplications.exe
FirewallRules: [{861B21A2-93E2-4293-84E2-66F365818F77}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\DigitalWizards.exe
FirewallRules: [{8B9D14FE-775F-4B13-BFEE-955E5157F716}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\bin\SendAFax.exe
FirewallRules: [{02000F51-CA96-4D7F-8110-E1C8E32ECAD3}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\DeviceSetup.exe
FirewallRules: [{8D026618-6C09-440D-A146-14C0E5CF20D3}] => (Allow) LPort=5357
FirewallRules: [{B823ACFC-F245-448C-9964-C9F43A8B2A2B}] => (Allow) C:\Program Files\HP\HP Officejet Pro X576dw MFP\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{877B71B5-1DDF-4C2F-BC6D-5FF570CC8D8E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B8EFE7A2-500B-495E-B27F-4346B34D87CE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3CD53DFB-16D4-4F96-82E1-1F58B9DB64A7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7CBEA17D-7BF7-4817-A525-5F54B6D5B767}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{E390A422-5798-4889-A319-B2699031C5C9}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{BADC76D9-F48A-4314-AD67-173A32F7CA87}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{E8D289C8-79B5-45D5-B452-E9A742CDE089}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{F289773E-500F-4732-B214-BF2773723939}C:\program files (x86)\sierra\empire earth\empire earth.exe] => (Block) C:\program files (x86)\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{C4D325FD-43DD-451F-BFAB-0B86DC804845}C:\program files (x86)\train simulator\train simulator 2017\railworks.exe] => (Block) C:\program files (x86)\train simulator\train simulator 2017\railworks.exe
FirewallRules: [UDP Query User{B88A16F0-B538-411E-919A-9292556F481B}C:\program files (x86)\train simulator\train simulator 2017\railworks.exe] => (Block) C:\program files (x86)\train simulator\train simulator 2017\railworks.exe
FirewallRules: [TCP Query User{E1324EE3-B5ED-41B4-8D81-49BF35330E99}C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Block) C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe
FirewallRules: [UDP Query User{6C858F97-EB76-4B01-94A6-289B02ED0EF4}C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Block) C:\program files (x86)\sierra\empire earth - the art of conquest\ee-aoc.exe
FirewallRules: [TCP Query User{4BA50885-B820-4E69-A095-2D40DF729240}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [UDP Query User{5233151F-A8F0-4E15-A45E-3920354B117E}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe
FirewallRules: [{BB529979-7A12-475B-853E-43AB04FA93AA}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\FaxApplications.exe
FirewallRules: [{2400020A-E7DD-4D35-8839-13DB5B8E3B11}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\DigitalWizards.exe
FirewallRules: [{25540852-F709-4347-8B9E-C447CAB6BA96}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\SendAFax.exe
FirewallRules: [{584541A7-B030-4528-8631-63A4A6525B17}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\bin\FaxPrinterUtility.exe
FirewallRules: [{1C61F5F7-6FCD-4E31-8124-FA8FD54FF5A5}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\Bin\DeviceSetup.exe
FirewallRules: [{DB72C0BF-7CA4-42B0-945D-DCDC4F70FBF0}] => (Allow) C:\Program Files\HP\HP PageWide MFP P57750\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{AC067B7B-8E7E-4108-AD13-EBEF78EB4A6D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8BF4A2CC-37F9-4C7F-954D-CEA27AED5128}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F2F9AB30-0D6D-4913-A8F7-B93D5F39B7BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{578E3637-BE6E-4AF4-9743-420FDCEF23CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BB318252-FC95-4916-B77C-AD3E643E185E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{FA451DEB-13D5-4F53-A21E-7DD71FE99BA5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
02-10-2018 09:54:45 Naplánovaný kontrolní bod
08-10-2018 14:40:44 Instalační služba modulů systému Windows
08-10-2018 14:41:58 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/09/2018 10:39:42 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/09/2018 10:38:21 AM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
Error: (10/08/2018 08:37:11 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:37:10 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:37:09 PM) (Source: DellRctlService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/08/2018 08:26:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TRATEC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (10/08/2018 07:22:26 PM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
Error: (10/08/2018 06:34:21 PM) (Source: Outlook) (EventID: 68) (User: )
Description: Upozornění zabezpečení pro načtení souboru KOFXP.DLL. Knihovna DLL tohoto zprostředkovatele MAPI může být pro váš systém škodlivá. Měli byste načítat jenom knihovny DLL od důvěryhodných zprostředkovatelů, kteří jsou zaregistrovaní v MapiSvc.Inf. Knihovna DLL tohoto zprostředkovatele se v příští aktualizaci klienta Outlooku zablokuje a její funkce už nebudou k dispozici. Další informace o registraci zprostředkovatelů knihoven DLL najdete v článku https://go.microsoft.com/fwlink/?linkid ... lcid=0x409.
System errors:
=============
Error: (10/09/2018 10:39:21 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně TRATEC z následujícího důvodu:
Pro vyřízení žádosti o přihlášení nejsou nyní k dispozici žádné přihlašovací servery.
To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.
DALŠÍ INFORMACE
Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.
Error: (10/09/2018 10:36:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: TRATEC)
Description: Selhání 1.
Název objektu zásad skupiny: MAPDRIVE-PRINTER-SHORTCUT
Cesta k objektu zásad skupiny: \\TRATEC.local\SysVol\TRATEC.local\Policies\{1EC5D8BD-49C1-4C79-B691-EE65F18D4BA8}\User
Název skriptu: \\s2008-02\VYROBA\!!\epc_log\testpc.vbs
Error: (10/09/2018 10:36:38 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: TRATEC)
Description: Selhání 1.
Název objektu zásad skupiny: Default Domain Policy
Cesta k objektu zásad skupiny: \\TRATEC.local\sysvol\TRATEC.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\User
Název skriptu: start.cmd
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/09/2018 10:36:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2017-04-10 10:34:11.428
Description:
Virtuální počítač Windows Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\tratadmin\Downloads\kerio-connect-koff-9.2.2-2831-p1-win64.msi
Sha256: a437757833b20c8c58a3ccf7b9feac4fb497c58b8519bea1b0c8b1a5973511dd
Aktuální verze podpisu: AV: 1.239.1181.0, AS: 1.239.1181.0
Aktuální verze modulu: 1.1.13601.0
Kód chyby: 0x80078032
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 8074.95 MB
Available physical RAM: 4279.1 MB
Total Virtual: 9354.95 MB
Available Virtual: 5011.17 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:456.11 GB) (Free:190.99 GB) NTFS
\\?\Volume{6eb99678-1420-4331-8c48-c938897dab91}\ (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.08 GB) NTFS
\\?\Volume{84262ddf-8896-47b0-add7-4fd4fbcb9972}\ (Image) (Fixed) (Total:8.59 GB) (Free:0.58 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 43969A7D)
Partition: GPT.
==================== End of Addition.txt ============================