Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Emailom ma vydiera prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Emailom ma vydiera prosím o kontrolu logu

#1 Příspěvek od Zihos »

Tu je mail žial heslo v ňom sedí s mojim :( ja som ho vykrížikoval
I know the xxxxxxxx, this is your password.
As you can see, I logged in with your account. And I wrote you this message from your account.

If you have already changed your password, my malware will be intercepts it every time.

You may not know me, and you are most likely wondering why you are receiving this email, right?
In fact, I posted a malicious program on adults (pornography) of some websites, and you know that you visited these websites to enjoy (you know what I mean).

While you were watching video clips,
my trojan started working as a RDP (remote desktop) with a keylogger that gave me access to your screen as well as a webcam.

Immediately after this, my program gathered all your contacts from messenger, social networks, and also by e-mail.

What I've done?
I made a double screen video.
The first part shows the video you watched (you have good taste, yes ... but strange for me and other normal people), and the second part shows the recording of your webcam.

What should you do?

Well, I think $724 (USD dollars) is a fair price for our little secret.
You will make a bitcoin payment (if you don't know, look for "how to buy bitcoins" on Google).

BTC Address: 1JvJEsdV3eMDaFWbS5LBpUVS5AquYnfSV4
(This is CASE sensitive, please copy and paste it)

Remarks:
You have 2 days (48 hours) to pay. (I have a special code, and at the moment I know that you have read this email).

If I don't get bitcoins, I will send your video to all your contacts, including family members, colleagues, etc.
However, if I am paid, I will immediately destroy the video, and my trojan will be destruct someself.

If you want to get proof, answer "Yes!" and send this letter to the sender's address.
And I will definitely send your video to your any 16 contacts.

This is a non-negotiable offer, so please do not waste my personal and other people's time by replying to this email.

Bye!

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#2 Příspěvek od Zihos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05.2019
Ran by LENOVO (administrator) on LENOVO-PC (LENOVO 4236S25) (29-05-2019 19:24:25)
Running from C:\Users\LENOVO\Desktop
Loaded Profiles: LENOVO (Available Profiles: LENOVO)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrey Gruber) [File not signed] E:\Programy\PNotes\PNotes.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\New_1305094a\instup.exe
(AVAST Software) [File not signed] C:\Program Files\AVAST Software\Avast\setup\sbr.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261000 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2018-05-18] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\Run: [EPSON SX100 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [221696 2008-02-05] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\MountPoints2: {b7a3cdf2-9884-11e7-b717-028037ec0200} - F:\Lenovo_Suite.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30919232 2019-03-19] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-23] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2017-08-26]
ShortcutTarget: PNotes.lnk -> E:\Programy\PNotes\PNotes.exe (Andrey Gruber) [File not signed]
BootExecute: autocheck autochk *
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00739A5E-CF5B-4196-B881-D7E412FC55D6} - System32\Tasks\EPSON XP-243 245 247 Series Update {065FC8C1-F878-4FC8-A67B-62C7E0E6EEF4} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {19D8C129-8B6B-446A-BC88-F6C991FFC569} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BBB4788-F4B6-4676-9EB4-4E602286D31F} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2017-06-09] (Lenovo -> Lenovo)
Task: {272FEF91-0191-4FE5-B170-2D8EE209D09B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {27991883-870F-46EC-A294-1E851E1172AE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E7FCB0B-8BCD-44BB-9CE9-829057CD3322} - System32\Tasks\{C04707A8-7D86-45B3-888E-1E02F5A9D518} => C:\Windows\system32\pcalua.exe -a D:\EPSETUP.EXE -d D:\
Task: {2EE96C9A-60B2-4473-AA92-B8AE388FDB4D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {342B84C7-2619-434E-B95C-50CD6BCF94B3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166344 2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3BC0425F-5548-43A2-9CEC-3D48CD6B6651} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364808 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C65F029-3256-468D-ACD4-B011DA2ED01C} - System32\Tasks\SoftwareUpdate Pro => C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe
Task: {6D19AC8B-E11A-4A84-8037-D31BC1165F08} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
Task: {76DFA123-A0FB-4B20-AFA2-37CC19CD7624} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A36113A-8BF7-4DE2-B1E9-4987318B6783} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {9C7D2AF6-36DF-4CB4-881E-119129F03DE2} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2019-03-19] (Garmin International, Inc. -> )
Task: {A7D9C38D-2AC5-4B5A-9289-906E04AFC2E9} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [914896 2018-05-18] (Glarysoft LTD -> Glarysoft Ltd)
Task: {A9EAE91F-7FF2-43A9-AAA6-F5D8626D1BB9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {B52F5605-DF5B-45AB-81E2-D8934100B92E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149520 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA581A78-E55C-4F2C-8406-53D006C8801B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-23] (Google Inc -> Google Inc.)
Task: {BCB5BDF0-50EB-495B-808F-8322E6910B1B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10197784 2017-06-09] (Lenovo -> Lenovo)
Task: {BCE8C0C8-4345-4548-AB23-D9A3ECB67E55} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [264984 2017-06-09] (Lenovo -> )
Task: {C55462EB-98F9-4434-8534-1ACC28FDF3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {D121B623-11CD-4A22-ACA5-C2BC8CB66E1B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209368 2019-05-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {065FC8C1-F878-4FC8-A67B-62C7E0E6EEF4}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{065FC8C1-F878-4FC8-A67B-62C7E0E6EEF4} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{79955E6E-B00B-44A3-87CC-82398EE1863E}: [DhcpNameServer] 192.168.0.9
Tcpip\..\Interfaces\{FEFF8B64-2FE3-4B5B-A49C-FF637644A23C}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-29] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-23] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchKeyword: Default -> google.com_
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default [2019-05-29]
CHR Extension: (Prezentácie) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-23]
CHR Extension: (YouTube) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-23]
CHR Extension: (Osmička) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2018-06-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-02]
CHR Extension: (Tampermonkey) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-05-23]
CHR Extension: (Space & Patterns) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmjaboldkklmcomdamidplnfpnmmmd [2019-05-02]
CHR Extension: (Adobe Acrobat) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-05-23]
CHR Extension: (Tabuľky) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Avast Online Security) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-02]
CHR Extension: (Rozšírenie Google Keep pre Chrome) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2019-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Speedtest by Ookla) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjjikdiikihdfpoppgaidccahalehjh [2019-05-02]
CHR Extension: (Gmail) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-29]
CHR Profile: C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-26]
CHR HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6660888 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [362488 2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11145800 2019-05-22] (Microsoft Corporation -> Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [774736 2017-09-06] (Lenovo -> Lenovo.)
S4 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [271128 2017-06-09] (Lenovo -> Lenovo)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [268888 2017-04-15] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH -> TeamViewer GmbH)
S4 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1725408 2017-03-14] (GlavSoft LLC -> GlavSoft LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 5U877; C:\Windows\System32\DRIVERS\5U877.sys [166016 2011-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Ricoh co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167872 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225096 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385640 2019-05-29] (AVAST Software s.r.o. -> AVAST Software)
R3 cykbfltrService; C:\Windows\System32\DRIVERS\cykbfltr.sys [16896 2012-06-15] (Cypress Semiconductor -> Cypress Semiconductor, Inc.)
S3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Microsoft Windows -> Intel Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB -> Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB -> Ericsson AB)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-02-10] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28424 2018-05-29] (Glarysoft LTD -> Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB -> Ericsson AB)
R3 l36wscard; C:\Windows\System32\DRIVERS\l36wscard.sys [61992 2011-01-14] (Ericsson AB -> Ericsson AB)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Lenovo)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S2 risdsnpe; C:\Windows\System32\DRIVERS\risdsne64.sys [78848 2010-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 risdxc; C:\Windows\System32\DRIVERS\risdxc64.sys [101888 2011-05-25] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [281840 2013-02-19] (Ericsson AB -> Ericsson AB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-29 19:26 - 2019-05-29 19:25 - 000363400 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-05-29 19:24 - 2019-05-29 19:30 - 000029989 _____ C:\Users\LENOVO\Desktop\FRST.txt
2019-05-29 19:23 - 2019-05-29 19:23 - 000000000 ____D C:\Users\LENOVO\Desktop\FRST-OlderVersion
2019-05-23 20:43 - 2019-05-23 20:43 - 000001655 _____ C:\Users\LENOVO\Desktop\Vysledok testu.txt
2019-05-14 18:27 - 2019-05-14 18:27 - 000000000 ____D C:\Users\LENOVO\Desktop\Garmin
2019-05-14 18:21 - 2019-05-14 18:21 - 000001897 _____ C:\Users\Public\Desktop\Garmin Express.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-29 19:27 - 2017-08-23 15:10 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-05-29 19:25 - 2019-02-13 17:20 - 000279120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-05-29 19:25 - 2019-02-06 17:27 - 000262496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-05-29 19:25 - 2019-02-06 17:27 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-05-29 19:25 - 2019-02-06 17:27 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-05-29 19:25 - 2019-02-06 17:27 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-05-29 19:25 - 2018-11-05 17:41 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-05-29 19:25 - 2017-11-09 22:47 - 000207448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000477584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000385640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000225096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000167872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-05-29 19:25 - 2017-08-23 15:10 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-05-29 19:24 - 2018-01-31 20:08 - 000000000 ____D C:\FRST
2019-05-29 19:23 - 2018-12-11 19:42 - 002435584 _____ (Farbar) C:\Users\LENOVO\Desktop\FRST64.exe
2019-05-29 19:05 - 2009-07-14 06:45 - 000024704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-29 19:05 - 2009-07-14 06:45 - 000024704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-29 19:03 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-29 19:03 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-05-29 18:56 - 2018-01-30 22:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-29 18:55 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-29 18:53 - 2018-11-07 16:53 - 000000911 _____ C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {065FC8C1-F878-4FC8-A67B-62C7E0E6EEF4}.job
2019-05-29 18:41 - 2018-12-11 18:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-29 18:39 - 2019-03-26 17:35 - 000002160 _____ C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-05-29 18:39 - 2018-12-11 18:43 - 000003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1989619509-1172422604-3077956998-1000
2019-05-29 18:39 - 2018-12-11 18:20 - 000000000 ___RD C:\Users\LENOVO\OneDrive
2019-05-29 18:38 - 2018-12-11 18:09 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-29 18:35 - 2019-03-27 17:51 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-23 21:08 - 2017-08-23 20:39 - 000000000 ____D C:\Users\LENOVO\Desktop\Údržba NB
2019-05-23 20:57 - 2017-08-23 15:23 - 000002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-23 20:57 - 2017-08-23 15:23 - 000002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-23 20:45 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-05-23 20:39 - 2017-08-23 15:13 - 000003370 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-23 20:39 - 2017-08-23 15:13 - 000003242 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-14 20:12 - 2017-08-24 18:48 - 000000000 ____D C:\Users\LENOVO\AppData\LocalLow\Mozilla
2019-05-14 18:55 - 2017-08-24 12:16 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-14 18:53 - 2017-06-01 14:03 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-14 18:53 - 2017-06-01 14:03 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-14 18:53 - 2017-06-01 14:03 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-05-14 18:53 - 2017-06-01 14:03 - 000000000 ____D C:\Windows\system32\Macromed
2019-05-14 18:53 - 2017-06-01 14:02 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-05-14 18:48 - 2017-09-03 20:27 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Garmin
2019-05-14 18:40 - 2017-08-27 14:58 - 000000000 ____D C:\ProgramData\Garmin
2019-05-14 18:22 - 2017-08-25 19:12 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-14 18:21 - 2017-08-28 19:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-05-14 18:21 - 2017-08-27 14:58 - 000003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2019-05-14 18:21 - 2017-08-27 14:58 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-05-06 14:47 - 2017-08-23 20:51 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\vlc
2019-05-01 07:02 - 2018-11-07 16:53 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-243 245 247 Series Update {065FC8C1-F878-4FC8-A67B-62C7E0E6EEF4}
2019-05-01 07:02 - 2018-02-11 19:22 - 000003040 _____ C:\Windows\System32\Tasks\{C04707A8-7D86-45B3-888E-1E02F5A9D518}
2019-05-01 07:02 - 2017-12-06 19:11 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-05-01 07:02 - 2017-08-24 12:17 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-01 07:02 - 2017-08-23 20:41 - 000002976 _____ C:\Windows\System32\Tasks\GU5SkipUAC
2019-04-30 19:07 - 2017-08-23 15:10 - 000385848 _____ (AVAST Software) C:\Windows\system32\Drivers\asw60eceff965273e70.tmp
2019-04-30 19:06 - 2019-04-15 19:02 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2019-04-30 19:06 - 2017-08-23 15:10 - 000476776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa45defbe9877840b.tmp
2019-04-30 18:58 - 2019-02-13 17:20 - 000257832 _____ (AVAST Software) C:\Windows\system32\Drivers\asw153ab11f0d7e9174.tmp
2019-04-30 18:58 - 2018-11-05 17:41 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0d82387b91ded0f3.tmp
2019-04-30 18:58 - 2017-08-23 15:10 - 000220640 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9131b785afd382b8.tmp
2019-04-30 18:58 - 2017-08-23 15:10 - 000166848 _____ (AVAST Software) C:\Windows\system32\Drivers\asw728e203bf626a363.tmp
2019-04-30 18:58 - 2017-08-23 15:10 - 000112520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswed9540a3654c7f61.tmp
2019-04-30 18:58 - 2017-08-23 15:10 - 000088160 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7a724ce80e11c588.tmp
2019-04-30 18:57 - 2019-02-06 17:27 - 000320624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe12b3ce66bde124d.tmp
2019-04-30 18:57 - 2019-02-06 17:27 - 000254128 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4460e2bcfa7fbfac.tmp
2019-04-30 18:57 - 2019-02-06 17:27 - 000196000 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0f14c44f5ef4b53b.tmp
2019-04-30 18:57 - 2019-02-06 17:27 - 000057888 _____ (AVAST Software) C:\Windows\system32\Drivers\asw84a7812714936d59.tmp
2019-04-30 18:57 - 2019-02-06 17:27 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8b496f492c185c29.tmp
2019-04-30 18:57 - 2017-11-09 22:47 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\asw6803ced8b00b5ce7.tmp
2019-04-30 18:57 - 2017-08-23 15:10 - 001031000 _____ (AVAST Software) C:\Windows\system32\Drivers\asw3c3a6c2b0886fbe0.tmp

==================== Files in the root of some directories =======

2018-04-02 18:13 - 2018-07-10 15:09 - 000007597 _____ () C:\Users\LENOVO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-06 16:11
==================== End of FRST.txt ============================

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#3 Příspěvek od Zihos »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05.2019
Ran by LENOVO (29-05-2019 19:30:45)
Running from C:\Users\LENOVO\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-08-09 12:26:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1989619509-1172422604-3077956998-500 - Administrator - Disabled)
Guest (S-1-5-21-1989619509-1172422604-3077956998-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1989619509-1172422604-3077956998-1002 - Limited - Enabled)
LENOVO (S-1-5-21-1989619509-1172422604-3077956998-1000 - Administrator - Enabled) => C:\Users\LENOVO

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.192 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Ashampoo Burning Studio 2012 v.10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.44.0 - Conexant)
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671}) (Version: 4.4.9 - Seiko Epson Corporation)
EPSON Stylus SX100_TX100 Manuál (HKLM-x32\...\EPSON Stylus SX100_TX100 Používateľská príručka) (Version: - )
EPSON SX100 Series Printer Uninstall (HKLM\...\EPSON SX100 Series) (Version: - SEIKO EPSON Corporation)
EPSON XP-243 245 247 Series Printer Uninstall (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
Garmin BaseCamp (HKLM-x32\...\{1ac25e24-a380-4f68-bb3c-f9b1d7cdb2df}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{3B93218E-3D19-4063-A578-2722B8C4E161}) (Version: 4.7.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin City Navigator Europe NTU 2018.20 (HKLM-x32\...\{F1FCE57B-78A6-4688-A22A-4C1D4E13B9F1}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A05A8CFE-F458-4731-BD47-01C675E8944C}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{b347cf7c-d07d-417b-b26a-8d6a851f696d}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 3.66.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.66.000 - Runtime Software)
Glary Utilities PRO 5.98 (HKLM-x32\...\Glary Utilities 5) (Version: 5.98.0.120 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.3 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Kodi (HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\Kodi) (Version: - XBMC-Foundation)
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.24 - Lenovo) Hidden
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Malwarebytes verzia 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProplusRetail - sk-sk) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11629.20196 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\...\OneDriveSetup.exe) (Version: 19.086.0502.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Moorhuhn 2 V1.1 (HKLM-x32\...\Moorhuhn 2 V1.1) (Version: - )
Moorhuhn X - XS (HKLM-x32\...\{21BBAD12-C75F-4F06-A9B0-6F8BEEAF3846}) (Version: - )
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.4.0 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 cs)) (Version: 52.4.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20196 - Microsoft Corporation) Hidden
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.62.01 - )
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Speccy (HKLM\...\Speccy) (Version: 1.19 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.83 - Synaptics Incorporated)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
TightVNC (HKLM\...\{DEE0B752-52D8-4615-9BEE-1EDA46628960}) (Version: 2.8.8.0 - GlavSoft LLC.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1989619509-1172422604-3077956998-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2016-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-04-30] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2018-03-02] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => Layout.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1989619509-1172422604-3077956998-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) ==============

2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2018-01-04 19:33 - 2014-11-02 19:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2017-09-12 21:07 - 2013-02-23 12:08 - 000993280 _____ (Andrey Gruber) [File not signed] E:\Programy\PNotes\PNotes.exe
2019-03-19 15:25 - 2019-03-19 15:25 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2019-03-19 15:27 - 2019-03-19 15:27 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2017-09-12 21:07 - 2011-05-04 15:53 - 000373248 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] E:\Programy\PNotes\libhunspell.dll
2018-12-11 18:09 - 2018-12-11 18:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2018-12-11 18:09 - 2018-12-11 18:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2019-03-19 15:25 - 2019-03-19 15:25 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-18 05:45 - 2017-04-18 05:45 - 000008192 _____ (The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2018-02-20 18:09 - 2012-07-13 17:28 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-02-06 16:43 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1989619509-1172422604-3077956998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.5.18.5 - 10.5.18.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: LSC.Services.SystemService => 3
MSCONFIG\Services: tvnserver => 2
MSCONFIG\startupreg: EPSON SX100 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\Windows\TEMP\E_S5D1D.tmp" /EF "HKCU"
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: MalTray => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{FF1B3AEA-8F95-4C97-92B6-FB29F84ABDB2}E:\drv\sdi_x64_r1760.exe] => (Block) E:\drv\sdi_x64_r1760.exe No File
FirewallRules: [UDP Query User{2B56AC1B-1898-4744-BA0F-2699992E1CCE}E:\drv\sdi_x64_r1760.exe] => (Block) E:\drv\sdi_x64_r1760.exe No File
FirewallRules: [{61398F24-4634-4A5A-BD51-A5E3FAF6DAD9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{48D6D7E2-BFC2-42D5-A1C9-EB26571EEF4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F96D2C3B-C2E9-4A79-96B3-619FD1992E2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0BA68A73-F529-4192-B02D-925BE1DF7E51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{1B0246F5-1F90-4928-8C87-D59B36B78B50}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [UDP Query User{94D01316-16A3-458C-966B-D619304D74D8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [TCP Query User{FB768EDE-EB18-4E23-923F-739580382E7C}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe No File
FirewallRules: [UDP Query User{B79040DD-4B71-4B35-B768-26465591ABC4}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe] => (Allow) C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe No File
FirewallRules: [{49D45D27-C34A-432F-80F3-769076E96061}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [TCP Query User{C4F91883-82D0-4F66-9D3E-40C24A01FAF9}C:\program files\tightvnc\tvnviewer.exe] => (Allow) C:\program files\tightvnc\tvnviewer.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [UDP Query User{7F4A2EEA-9E21-477C-BC66-BE3AE7F14BE5}C:\program files\tightvnc\tvnviewer.exe] => (Allow) C:\program files\tightvnc\tvnviewer.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [TCP Query User{27B22294-2CD8-4FB9-9D22-C47BD35D60A1}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{9F7FD0EE-2D18-4567-815E-BB81CD8167E7}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{DB48D912-6F38-42B4-9006-21FBF65C1973}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [UDP Query User{F6451C2E-71BE-4EA1-BABC-24C5B44247FF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [{2A2AEF2B-EA66-471E-B150-AE76284B24B5}] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [{B6C0E4E7-4FB1-4140-92F0-C0D1AAB8C1EF}] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
FirewallRules: [{2444BB92-1D7D-4D28-8A4F-6E5A83BEC08B}] => (Allow) LPort=5900
FirewallRules: [{E142EDEF-77BA-4844-B0DF-31A377E2627E}] => (Allow) LPort=5800
FirewallRules: [{926B5B6D-0869-4E24-B2F7-327C213E09AD}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe No File
FirewallRules: [{5B6BD013-E080-4C2C-AD96-9B5967F5EC22}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe No File
FirewallRules: [TCP Query User{BAC5A90E-F228-4F71-8776-3FE1839945C7}C:\program files\uvnc bvba\ultravnc\repeater.exe] => (Allow) C:\program files\uvnc bvba\ultravnc\repeater.exe No File
FirewallRules: [UDP Query User{C3A6A1D0-D8E7-4E78-97CF-7B9D5AA05C7C}C:\program files\uvnc bvba\ultravnc\repeater.exe] => (Allow) C:\program files\uvnc bvba\ultravnc\repeater.exe No File
FirewallRules: [{3D994728-C5C3-4208-957E-0C061D567C95}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AB1D1BDB-2132-4512-8D30-102DB8B5761B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B0BBF240-82E0-488A-A9AB-0A7A0BB7E469}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F6FCD4DB-DCAF-424E-8AD8-4D07D097BFF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [TCP Query User{89EF14B3-E70E-4E48-BC44-28A89989DABC}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BA6D348D-2696-4CB9-B101-91ABCCF7A448}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{78693A43-96AB-435B-8618-DF6F50244323}] => (Allow) C:\Users\LENOVO\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{56148567-35C9-4BD1-95BE-F88258E7DB06}] => (Allow) C:\Users\LENOVO\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File
FirewallRules: [{6D91A94B-29E2-4AA3-8EDB-81F7D82ADA78}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{F4ED65E8-3769-4AE4-ABC3-F1EFFA27FE34}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{2C9C04AC-B52B-4CA3-AF6B-EEC6C3F0F3B2}] => (Allow) C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E3F623CA-CF06-4E5A-8734-14416B527028}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A7C9DBB-3013-4E30-859F-261A1E993795}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

14-05-2019 18:20:22 Garmin Express

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2019 07:03:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/29/2019 07:03:27 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/29/2019 06:56:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/29/2019 06:41:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/29/2019 06:30:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/29/2019 06:30:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/29/2019 06:24:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/23/2019 08:46:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (05/29/2019 06:56:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby risdsnpe zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.

Error: (05/29/2019 06:56:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Microsoft Office Click-to-Run Service zlyhalo kvôli nasledujúcej chybe:
Služba neodpovedala na riadiaci alebo spúšťací pokyn načas.

Error: (05/29/2019 06:56:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Microsoft Office Click-to-Run Service bol dosiahnutý časový limit (30000 ms).

Error: (05/29/2019 06:24:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby risdsnpe zlyhalo kvôli nasledujúcej chybe:
Služba sa nedá spustiť, pretože je vypnutá, alebo nemá priradené žiadne zapnuté zariadenia.

Error: (05/23/2019 08:21:05 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092013. The SSL connection request has failed. The attached data contains the server certificate.

Error: (05/23/2019 08:21:05 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (05/23/2019 08:21:05 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092013. The SSL connection request has failed. The attached data contains the server certificate.

Error: (05/23/2019 08:21:05 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.


==================== Memory info ===========================

BIOS: LENOVO 83ET75WW (1.45 ) 05/10/2013
Motherboard: LENOVO 4236S25
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 84%
Total physical RAM: 3979.23 MB
Available physical RAM: 599.7 MB
Total Virtual: 7956.61 MB
Available Virtual: 4264.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:89.77 GB) (Free:28.04 GB) NTFS
Drive e: (Ečko) (Fixed) (Total:375.79 GB) (Free:149.63 GB) NTFS

\\?\Volume{52359d44-46c0-11e7-ac95-806e6f6e6963}\ (System) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1D8B0E24)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=89.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=375.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 13796
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Emailom ma vydiera prosím o kontrolu logu

#4 Příspěvek od JaRon »

Ahoj,
doporucujem odinstalovat TeamViewer, Avast, stiahnut
Avptool a vycistit nim PC, restart, zmenit heslo
a v ziadnom pripade nic neplat !
Dufam, ze je tam legalny a aktualizovany OS ☺
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#5 Příspěvek od Zihos »

KAspersky nenašiel nič bez toho aby som čokoľvek urobil no jeden obrázok je nejaky nie v poriadku viz archív
Přílohy
Kasperky1.rar
(193.61 KiB) Staženo 37 x

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#6 Příspěvek od Zihos »

Poblem je že na porno nechodím a stalo sa to asi tak že som chcel pozerať F1 cez stream a jeden z linkov ma hodil na pornostránku hneď som to stopol no vyskakovalo to na mňa chviľu až kym som to neodpílil... ale teraz som si uvedomil že som to bolo na služobnom NB ten je na W10 a má eset no ten sráč tvrdí že mi nainštloval keyloger a to ma dopaľuje. Nerád by som nejak ohrozil systemy v praci Team viewer potrebujem na spojenie so systémami v praci ktore na diaľku spravujem...Takže neviem čo stým...

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 13796
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Emailom ma vydiera prosím o kontrolu logu

#7 Příspěvek od JaRon »

POdla mna to mas ciste
TeamViewer ponechaj - je tam sice moznost, ze niekto mohol cez TV ziskat heslo?
Ide o bezny vydieracsky mail, mozes ho ignorovat, akurat nie je jasne z akeho zdroja je heslo
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#8 Příspěvek od Zihos »

Ďakujem akurát mi ostáva ta paranoja menom Keyloger googlil som ako ho vystopovať ak nejaký vôbec je... Nejaká rada by nebola dík. Ale posielam teraz pre istotu ešte služobný NB poprosím kontrolu logu vďaka.

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#9 Příspěvek od Zihos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05.2019
Ran by udrzbaaqp (administrator) on DESKTOP-POLALO5 (Dell Inc. Latitude 5580) (30-05-2019 12:13:07)
Running from C:\Users\udrzbaaqp\Desktop\Udrzba NB
Loaded Profiles: udrzbaaqp (Available Profiles: udrzbaaqp & admin)
Platform: Windows 10 Pro Version 1703 15063.1292 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.21205.0_x64__8wekyb3d8bbwe\Calculator.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Andrey Gruber) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistUI.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\udrzbaaqp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\pcdrwi.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1484288 2017-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [960896 2017-03-27] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23817184 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {6dd2d4b8-6b64-11e9-9ce8-f85971a8590c} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\MountPoints2: {d5717618-fc7b-11e8-9cdb-d481d7f7f5c5} - "D:\Lenovo_Suite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{6490DB9D-2802-4956-BCCB-EC84EA0887BB}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> C:\Windows\system32\hvsigpext.dll [2017-07-08] (Microsoft Windows -> )
HKLM\Software\...\Winlogon\GPExtensions: [{D7300225-081C-4CED-9FAD-BFCF9EC3D1D3}] -> C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll [2010-11-08] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2019-01-24]
ShortcutTarget: PNotes.lnk -> C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe (Andrey Gruber) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BD5ABB6-AE8C-4807-9F30-635F5558A6E3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1427464 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E4044AB-10A0-4EB2-AC5A-0391BB68C608} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113096 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {3579EDA6-2001-47A0-9ECC-8EFCD1B3F07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB45F4-FAD5-450D-ABA4-B23CB03D3149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-04] (Google Inc -> Google Inc.)
Task: {3EAB8EB2-3643-4622-A352-BBAE99DE029F} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.)
Task: {4D36AC81-46A7-4865-BB1F-7A2C4B7CACD7} - System32\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {6AEBD079-5B52-4151-8C99-F10CDCA92829} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {86519A6A-F2DA-4F7E-9B0A-50395613BA49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {9677D3A6-5070-4B2A-9D90-D7090DDE3681} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439776 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {97674AC8-4CE2-42A3-BF91-9DB61422E6DC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439776 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {A90CBF6E-E1EF-4F5A-B65F-BC5674A3E09B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {CBD7C947-26AB-47BA-BCEC-FDC0AE972336} - System32\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {D26919EA-DB11-40C9-9E27-A50EA3EBF2CE} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-04-10] (Dell Inc. -> Dell Inc.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {D424F9AC-2A34-4856-80FF-967443939C3D} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [29696 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {E9CAB963-FBA3-4A69-A5BA-02633F71FADE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26197064 2019-05-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA9A635C-1C87-4011-9F9E-9C5C136EB22A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [113096 2019-05-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE9467AA-A45C-4240-A533-8782C3F9976F} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {FB80F54B-77F2-4BBD-822A-28B59B55CF50} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1154008 2017-04-18] (Dell Inc. -> PC-Doctor, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{13ACEA1D-E802-48E9-BCE9-7C74B0CAF84C} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-243 245 247 Series Update {E2A961FB-51F3-4705-9BA5-637791BA99F3}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{E2A961FB-51F3-4705-9BA5-637791BA99F3} /F:UpdateTHERME\DESKTOP-POLALO5$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.9
Tcpip\..\Interfaces\{e2cb4e83-ff22-4e83-8d4a-7bd8a6a9a3bc}: [DhcpNameServer] 10.5.18.5 10.5.18.2 195.80.171.4
Tcpip\..\Interfaces\{f82cf98f-69c3-425b-ae5c-8530af3ed851}: [DhcpNameServer] 192.168.0.9

Internet Explorer:
==================
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1142325245-130890802-2529674674-2207 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Extension: (Adblocker na Youtube™) - C:\Program Files\Mozilla Firefox\browser\features\{733ED5DC-6D54-4A04-900B-CA85BF4B9A1B}.xpi [2018-12-02] [not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default [2019-05-30]
CHR Extension: (Slides) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-04]
CHR Extension: (Docs) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-04]
CHR Extension: (Google Drive) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-04]
CHR Extension: (YouTube) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-23]
CHR Extension: (Sheets) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-04]
CHR Extension: (Chrome Remote Desktop) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-05-13]
CHR Extension: (Google Docs Offline) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-04]
CHR Extension: (Google Calendar) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2019-05-13]
CHR Extension: (Save to Facebook) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2019-05-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-04]
CHR Extension: (TeamViewer) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oooiobdokpcfdlahlmcddobejikcmkfo [2018-12-04]
CHR Extension: (Океан) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2018-12-04]
CHR Extension: (Gmail) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-24]
CHR Extension: (Stopwatch / Timer / Alarm) - C:\Users\udrzbaaqp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmbmdkichekkmkgbohcbpfehiekdjnpl [2018-12-04]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11147336 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [94136 2016-06-02] (Dell Inc. -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1542\DSAPI.exe [1038144 2019-04-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BE2B905D-8940-4584-B996-F7A9B96E8F1E} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{BE2B905D-8940-4584-B996-F7A9B96E8F1E} [21408 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Security\ehttpsrv.exe [43208 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1612000 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Security\eshasrv.exe [185032 2015-11-27] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-21] (Intel Corporation -> Intel Corporation)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413752 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [183560 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] (Intel Corporation -> )
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-06-28] (Geek Software GmbH -> Geek Software GmbH)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-03-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-04-10] (Dell Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [415112 2017-03-27] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Wondershare MobileTrans\DriverInstall.exe [107160 2018-10-17] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\Windows\System32\drivers\ApHidfiltr.sys [281608 2016-10-20] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [68096 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [74144 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [69536 2017-11-21] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [253752 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186272 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [205288 2015-11-11] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-11] (ESET, spol. s r.o. -> ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69328 2015-11-11] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [382880 2017-11-21] (Intel Corporation -> Intel Corporation)
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54800 2016-08-16] (Intel(R) Software -> Intel Corporation)
S3 iaStorAfs; C:\Windows\System32\drivers\iaStorAfs.sys [70664 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [733448 2016-10-06] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (WDKTestCert Alex,130940336584439605 -> ASIX Electronics Corporation)
S3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7621376 2017-03-18] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw06; C:\Windows\system32\DRIVERS\Netwtw06.sys [8751632 2018-04-04] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 nmwcd; C:\Windows\system32\drivers\ccdcmbx64.sys [19968 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\system32\drivers\ccdcmbox64.sys [27136 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [864704 2017-10-31] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 stdcfltn; C:\Windows\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-13] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2013-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46072 2018-06-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [313384 2018-06-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-19] (Microsoft Windows -> Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [220672 2017-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz140; \??\C:\Users\UDRZBA~1\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-03 02:30 - 2019-04-20 13:48 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\iVideo
2019-05-30 12:02 - 2019-05-30 12:02 - 000962651 _____ C:\Users\udrzbaaqp\Desktop\Ziadanky1.xlsx
2019-05-30 08:58 - 2019-05-30 08:58 - 000000000 ___HD C:\OneDriveTemp
2019-05-30 06:32 - 2019-05-30 06:32 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2019-05-29 13:33 - 2019-05-29 13:33 - 000000566 _____ C:\Users\udrzbaaqp\Desktop\bluetooth_content_share.html
2019-05-25 17:21 - 2019-05-25 17:21 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002477 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-25 17:21 - 2019-05-25 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2019-05-17 06:38 - 2019-05-17 06:38 - 000003368 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1142325245-130890802-2529674674-2207
2019-05-17 06:38 - 2019-05-17 06:38 - 000002412 _____ C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-16 05:53 - 2019-05-16 05:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-08 20:13 - 2019-05-08 20:13 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-05-08 20:13 - 2019-05-08 20:13 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 14.lnk
2019-05-06 20:43 - 2019-05-06 20:44 - 000957382 _____ C:\Users\udrzbaaqp\Ziadanky1.xlsx
2019-04-30 11:23 - 2019-04-30 11:23 - 000002204 _____ C:\Users\Public\Desktop\SupportAssist.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-30 12:13 - 2018-12-03 08:35 - 000000000 ____D C:\FRST
2019-05-30 12:13 - 2018-07-01 20:03 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Udrzba NB
2019-05-30 12:06 - 2018-10-14 08:30 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\vlc
2019-05-30 12:06 - 2018-06-19 18:33 - 000000000 ____D C:\Ečko
2019-05-30 12:06 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Local\Packages
2019-05-30 11:56 - 2018-06-20 10:43 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Chrome down
2019-05-30 11:43 - 2017-07-07 17:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-05-30 11:10 - 2018-06-19 17:20 - 000004200 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC3DF6E9-697C-4F3B-80E6-65AF9AD0A61B}
2019-05-30 11:04 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-30 11:04 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2019-05-30 09:00 - 2016-09-06 07:07 - 000000000 ____D C:\Users\udrzbaaqp\Documents\Archiv pošta
2019-05-30 08:58 - 2018-06-19 13:30 - 000000000 ___RD C:\Users\udrzbaaqp\OneDrive
2019-05-30 08:57 - 2018-06-19 16:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-05-30 06:32 - 2018-06-19 13:27 - 000000000 __SHD C:\Users\udrzbaaqp\IntelGraphicsProfiles
2019-05-29 06:35 - 2018-06-21 18:27 - 000000370 _____ C:\Windows\SysWOW64\SmartFlow.txt
2019-05-28 14:54 - 2018-06-26 16:01 - 000000000 _____ C:\Windows\SysWOW64\SpyWareFolderstoFilter.txt
2019-05-28 12:30 - 2018-10-20 14:59 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Privat
2019-05-28 11:14 - 2018-10-21 18:07 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Temp Skeny
2019-05-27 21:18 - 2018-06-19 13:27 - 000000000 ____D C:\Users\udrzbaaqp
2019-05-25 20:41 - 2018-12-04 19:07 - 000000000 ____D C:\ProgramData\AMMYY
2019-05-25 17:22 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-25 17:20 - 2017-09-22 14:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-22 06:54 - 2018-12-04 12:51 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-22 06:54 - 2018-12-04 12:51 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-05-16 05:51 - 2018-12-04 12:48 - 000003456 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-16 05:51 - 2018-12-04 12:48 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-15 10:33 - 2018-06-24 17:12 - 000001178 _____ C:\Users\udrzbaaqp\Desktop\ Redmi 4.lnk
2019-05-13 11:12 - 2018-12-04 12:56 - 000000000 ____D C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome
2019-05-12 22:18 - 2019-01-08 21:01 - 000400128 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-12 22:18 - 2017-07-07 17:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-12 22:17 - 2017-03-18 13:40 - 002359296 _____ C:\Windows\system32\config\BBI
2019-05-12 15:05 - 2018-06-19 20:01 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Odkazy VNC z vonku
2019-05-08 11:19 - 2018-06-20 09:27 - 000000389 _____ C:\Users\udrzbaaqp\Desktop\Daikin MF.website
2019-05-07 17:24 - 2018-11-20 17:04 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\Prenosový
2019-05-06 11:17 - 2019-04-29 11:19 - 000014824 _____ C:\Users\udrzbaaqp\Desktop\Plavecké 2019 aktualizované pre údržbu.xlsx
2019-05-04 18:27 - 2019-03-09 10:20 - 000000000 ____D C:\Users\udrzbaaqp\Desktop\HDS
2019-05-02 15:30 - 2017-07-07 17:42 - 001651914 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-30 18:28 - 2017-07-07 17:38 - 000000000 ____D C:\ProgramData\PCDr
2019-04-30 11:23 - 2017-07-07 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2019-04-30 11:23 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2019-04-30 11:22 - 2017-09-06 12:29 - 000000000 ____D C:\ProgramData\SupportAssist

==================== Files in the root of some directories =======

2018-07-02 13:54 - 2018-07-02 13:54 - 000024096 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.ADR
2018-07-02 13:49 - 2018-07-02 13:49 - 000008242 _____ () C:\Users\udrzbaaqp\AppData\Roaming\Hodnoty oddelené čiarkou.EML
2018-12-02 22:26 - 2018-12-02 22:26 - 000140800 _____ () C:\Users\udrzbaaqp\AppData\Local\installer.dat
2018-11-06 22:54 - 2018-11-06 22:54 - 000000017 _____ () C:\Users\udrzbaaqp\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-05-23 19:35
==================== End of FRST.txt ============================

Zihos
Návštěvník
Návštěvník
Příspěvky: 47
Registrován: 31 led 2018 17:01

Re: Emailom ma vydiera prosím o kontrolu logu

#10 Příspěvek od Zihos »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05.2019
Ran by udrzbaaqp (30-05-2019 12:15:25)
Running from C:\Users\udrzbaaqp\Desktop\Udrzba NB
Windows 10 Pro Version 1703 15063.1292 (X64) (2017-07-30 23:07:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-3488352295-3265554142-2068840992-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-3488352295-3265554142-2068840992-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3488352295-3265554142-2068840992-503 - Limited - Disabled)
Guest (S-1-5-21-3488352295-3265554142-2068840992-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 6.3.2016.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.54.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
bubans 1.00 (HKLM-x32\...\bubans 1.00) (Version: 1.00 - bubans)
Dell Command | Power Manager (HKLM\...\{DDDAF4A7-8B7D-4088-AECC-6F50E594B4F5}) (Version: 2.1.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.3.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\{0309AC01-330F-494C-B27D-58E297E4674F}) (Version: 3.2.1.94 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.212 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{4830989D-5FA5-41DF-A02F-5D1B4D5C73B8}) (Version: 4.4.10 - Seiko Epson Corporation)
EPSON XP-243 245 247 Series Printer Uninstall (HKLM\...\EPSON XP-243 245 247 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Endpoint Security (HKLM\...\{900372AF-5CB7-40EA-A564-84420E4BB5ED}) (Version: 6.3.2016.1 - ESET, spol. s r.o.)
FastStone Image Viewer 6.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.5 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.0.317 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.5.1025 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9134.0 - Waves Audio Ltd.) Hidden
Microsoft Office 365 Business - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.11601.20230 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20230 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF24 Creator 8.4.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.21304 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.2.1 - uvnc bvba)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare MobileTrans ( Version 7.9.12 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 7.9.12 - Wondershare)

Packages:
=========
Adobe Photoshop Express: Image Editor, Adjustments, Filters, Effects, Borders -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x64__ynb6jyjzte8ga [2019-05-25] (Adobe Inc.)
Code Writer -> C:\Program Files\WindowsApps\ActiproSoftwareLLC.562882FEEB491_2.6.19.19_neutral__24pqs290vpjk0 [2018-06-20] (Actipro Software LLC)
Duolingo - Learn Languages for Free -> C:\Program Files\WindowsApps\D5EA27B7.Duolingo-LearnLanguagesforFree_2017.112.1.0_x64__yx6k7tf7xvsea [2018-09-01] (Duolingo Inc.)
Eclipse Manager -> C:\Program Files\WindowsApps\46928bounde.EclipseManager_3.2.18.0_x64__a5h4egax66k6y [2018-09-01] (Ounce Digital)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.0_x86__8wekyb3d8bbwe [2018-06-20] (Microsoft Corporation)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.2.1.0_neutral__s63fsn2sety0r [2019-03-11] (KONICA MINOLTA INC)
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1098.1000_x86__8wekyb3d8bbwe [2019-05-22] (Microsoft Corporation)
Microsoft Visual C++ 2013 Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Universal_12.0.30501.0_x64__8wekyb3d8bbwe [2018-06-20] (Microsoft Platform Extensions)
Microsoft Visual C++ 2013 Runtime Package -> C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00.Universal_12.0.30501.0_x86__8wekyb3d8bbwe [2018-06-20] (Microsoft Platform Extensions)
Network Speed Test -> C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe [2018-06-20] (Microsoft Research)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-1142325245-130890802-2529674674-2207_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>) [File not signed]
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126974.inf_amd64_9168fc04b8275db9\igfxDTCM.dll [2018-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2015-11-27] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1142325245-130890802-2529674674-2207: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\TeamViewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=oooiobdokpcfdlahlmcddobejikcmkfo
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\udrzbaaqp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) ==============

2018-12-21 20:23 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2018-12-21 20:23 - 2016-10-08 17:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-06-19 19:59 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2018-06-20 06:30 - 2013-02-23 12:08 - 000993280 _____ (Andrey Gruber) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\PNotes.exe
2018-06-20 06:30 - 2011-05-04 15:53 - 000373248 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Ečko\Programy\PNotes_9_3_0\PNotes\libhunspell.dll
2016-10-14 21:00 - 2016-10-14 21:00 - 000347648 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2017-09-22 14:15 - 2017-09-22 14:15 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-09-22 14:15 - 2017-09-22 14:15 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2015-12-17 12:11 - 2015-12-17 12:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2018-06-19 20:00 - 2012-07-13 16:28 - 000125952 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll
2018-12-21 20:23 - 2016-10-08 17:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01417951.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\sharepoint.com -> hxxps://slktt-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-12-04 08:42 - 2018-12-04 08:42 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

2018-06-28 20:24 - 2018-12-08 20:51 - 000000512 _____ C:\Windows\system32\drivers\etc\hosts.ics

192.168.137.1 DESKTOP-POLALO5.mshome.net # 2023 12 4 7 18 51 49 340
192.168.137.247 Redmi4-Redmi.mshome.net # 2018 12 6 15 18 51 49 340

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1142325245-130890802-2529674674-2207\Control Panel\Desktop\\Wallpaper -> C:\Users\udrzbaaqp\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 192.168.0.9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1142325245-130890802-2529674674-2207\...\StartupApproved\Run: => "Lync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F8CDA4C7-AF7D-425C-9515-D687080F23BA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30BE1758-A079-4A9A-8DFC-DBB7E57BDBA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8A9D832-4A9E-4C0F-99BA-4917C551B39B}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{5FD1CF25-5543-437E-BE0E-6D1173AF9FD7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{F5D6FE8A-60C4-4C28-89FD-664184F49B45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9C2C066F-7E5E-4611-BCA9-F94E477F481C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{23982594-A78D-40CD-87BE-8131B0C967A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{ECDD527B-B7FE-40E8-A3EA-8BC2C94F9AD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{CC887762-EEB9-4C36-A0E5-2156B1AC8B19}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{5EAD8A59-87F9-4003-8086-29DE04CBB59D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67B61AB5-169D-4D0A-B580-6F3CC9F08235}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BA7A28D9-390F-404F-A4A4-9374E71DA592}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4CA55C6C-34EF-43DC-9E21-F23231DF420F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3D95CFAA-7735-4FB9-951C-4707CD45B861}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3924BC8B-8F96-4D84-9639-0DBA78264FB1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{5A3CB768-233C-4AC2-B650-D4DB37340CAB}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D83E4DE5-5102-4EAE-9BCA-268A813B4D97}] => (Allow) C:\Users\udrzbaaqp\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{0E94267F-0B25-4CFD-AEDA-CFCB24DD052D}] => (Allow) C:\Users\udrzbaaqp\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{FE37FFAD-074F-4917-9BF0-3E483ECBDE93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{175C6063-69B4-4F7C-833A-81E0F87C85F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4057D4BC-C17C-463A-904D-CA7172A78E73}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C9191D84-85CF-4C38-8B79-877BF9A0B966}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5FDBAA75-6CF7-48D5-A5EB-A1CEC6B310B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{16D07FC1-CF87-4517-B4FC-8D516FAE170B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8E1C86EA-48A7-4FA5-A70D-D1FBE73CEE7C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

13-05-2019 10:13:31 Scheduled Checkpoint
20-05-2019 19:43:00 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2019 09:23:34 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (05/30/2019 06:35:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (05/29/2019 06:32:09 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected

Error: (05/29/2019 06:32:09 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected

Error: (05/29/2019 06:32:03 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected

Error: (05/29/2019 06:32:01 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected

Error: (05/29/2019 06:31:49 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected

Error: (05/29/2019 06:31:48 AM) (Source: COM) (EventID: 10031) (User: )
Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected


System errors:
=============
Error: (05/30/2019 12:02:58 PM) (Source: DCOM) (EventID: 10016) (User: THERME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user THERME\udrzbaaqp SID (S-1-5-21-1142325245-130890802-2529674674-2207) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2998614532-4287537773-1084600375-29439756-2601831906-3914704123-571253841). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2019 11:41:33 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1097) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo. Systém Windows nemohol určiť konto počítača na presadenie nastavení skupinovej politiky. Tento stav môže byť prechodný. Nastavenia skupinovej politiky vrátane konfigurácie počítača sa na tomto počítači nepresadia.

Error: (05/30/2019 11:41:33 AM) (Source: Kerberos) (EventID: 7) (User: )
Description: The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client DESKTOP-POLALO5$ in realm THERME.LOCAL could not be validated.

This error is usually caused by domain trust failures; Contact your system administrator.

Error: (05/30/2019 11:36:28 AM) (Source: DCOM) (EventID: 10016) (User: THERME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user THERME\udrzbaaqp SID (S-1-5-21-1142325245-130890802-2529674674-2207) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-2918742197-2940082297-3414067623-4239784042-1270140541-1314302391-2954322286). This security permission can be modified using the Component Services administrative tool.

Error: (05/30/2019 10:24:44 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: THERME)
Description: Spracovanie skupinovej politiky zlyhalo. Systému Windows sa nepodarilo určiť, či kontá používateľa a počítača patria do rovnakého lesa. Skontrolujte, či sa názov domény používateľa zhoduje s názvom dôveryhodnej domény, ktorá sa nachádza v rovnakom lese ako konto počítača.

Error: (05/30/2019 10:10:32 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1097) (User: NT AUTHORITY)
Description: Spracovanie skupinovej politiky zlyhalo. Systém Windows nemohol určiť konto počítača na presadenie nastavení skupinovej politiky. Tento stav môže byť prechodný. Nastavenia skupinovej politiky vrátane konfigurácie počítača sa na tomto počítači nepresadia.

Error: (05/30/2019 10:10:32 AM) (Source: Kerberos) (EventID: 7) (User: )
Description: The digitally signed Privilege Attribute Certificate (PAC) that contains the authorization information for client DESKTOP-POLALO5$ in realm THERME.LOCAL could not be validated.

This error is usually caused by domain trust failures; Contact your system administrator.

Error: (05/30/2019 10:10:06 AM) (Source: DCOM) (EventID: 10016) (User: THERME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user THERME\udrzbaaqp SID (S-1-5-21-1142325245-130890802-2529674674-2207) from address LocalHost (Using LRPC) running in the application container Unavailable SID (S-1-15-2-1696823671-561842974-4068103595-766457145-3317732085-9195901-3545270820). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2017-09-22 14:07:51.405
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7EB06A5A-9083-44BD-8140-D43ACCBA8C69}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2018-07-01 19:38:59.673
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-06-19 12:11:29.483
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-19 12:11:29.475
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. 1.13.0 11/12/2018
Motherboard: Dell Inc. 0NY0H9
Processor: Intel(R) Core(TM) i3-7100U CPU @ 2.40GHz
Percentage of memory in use: 57%
Total physical RAM: 8054.1 MB
Available physical RAM: 3394.47 MB
Total Virtual: 11078.8 MB
Available Virtual: 4748.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.43 GB) (Free:605.04 GB) NTFS
Drive e: (PAMATOVKA) (Removable) (Total:1.83 GB) (Free:1.29 GB) FAT

\\?\Volume{e89665cc-5f74-4828-aa06-4e871948ff31}\ (WINRETOOLS) (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E0EAED6D)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 13796
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Emailom ma vydiera prosím o kontrolu logu

#11 Příspěvek od JaRon »

MBAM by mal najst podstatnu cast KL :James008:
+
pozri https://www.lupa.cz/aktuality/tento-e-m ... ase-vraci/
FRST |ADWCleaner |MBAM |CCleaner |Avenger |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět