Prosím o preventivní kontrolu logu kvůli blokaci defenderu

Zpráva

digivir · #1 Příspěvek od **digivir** » 02 pro 2019 15:58

Dobrý den,
chtěl bych požádat o kontrolu logu. Nemyslím si, že by byla v počítači havěť, ale někde se vyskytl problém. Obdobný se tady úspěšně řešil. U Win 10 Home mi z nabídky Zabezpečení Windows zmizela možnost ochrany před hrozbami a viry, při pokusu o spuštění/kontrolu se objeví hláška:
"Stránka není k dispozici - Váš správce IT omezil přístup k některým oblastem této aplikace a položka, ke které jste se pokusili získat přístup, není k dispozici. O další informace požádejte helpdesk IT."

OS byl kupován samostatně a nejedná se o firemní licenci, tedy žádný IT správce nic neomezoval.
Předem díky za pomoc.

Kvůli délky logů je zasílám v příloze.

#2 Příspěvek od **Conder** » 02 pro 2019 18:00

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

digivir · #3 Příspěvek od **digivir** » 02 pro 2019 18:30

Ahoj,
níže zasílám výpis. Nebyl nalezen žádný problém, pouze předinstalované aplikace.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-02-2019
# Duration: 00:00:16
# OS: Windows 10 Home
# Scanned: 35225
# Detected: 33

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Classes\CLSID\{518741A2-FEDB-4917-934D-28BE560D45BA}
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BD21175-98CA-41FC-AC54-CF1E5CBA2400}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BD21175-98CA-41FC-AC54-CF1E5CBA2400}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5832D99C-C9C6-437F-861C-43ED6333956F}
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{831E75CC-DB34-4562-8EE2-B5282193313E}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

#4 Příspěvek od **Conder** » 03 pro 2019 15:17

Poprosim o obidva nove logy z FRST.

digivir · #5 Příspěvek od **digivir** » 03 pro 2019 22:14

Zasílám opět v příloze.

#6 Příspěvek od **Conder** » 04 pro 2019 23:37

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Task: {1E927A07-3C5A-454C-9E0E-57F33140B06E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {26CF0F87-5B9F-4131-9ED6-27181E33C9D7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E557E97-341A-41B8-8D1F-34D29667BC30} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E5B7A8F-3AD2-462F-AA54-C7951D27370A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {31262510-DD01-4FA0-8F10-D62D26F51788} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {33DEDE63-AF2B-46F3-8E48-B13B369CF7DB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5469B8B6-54CC-439D-89AD-2AF7B435E91F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {85551388-E3B8-4561-9F61-D1DA670D78B7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A2B647DB-0272-4198-A03B-8F3C8004485C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {A4C000AB-5530-46C3-B521-997DDE638A57} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C392357B-D49D-48EF-A6EA-760CA227E5A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C49DBC36-88E6-4653-8CAE-295B7D837E82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-501826139-2012490160-4225290962-1001 -> DefaultScope {369A650A-B087-4C98-A0B0-6B89EBCAC80A} URL = 
2019-12-03 22:11 - 2019-12-03 22:11 - 000000000 ____D C:\Users\Bodie\Desktop\FRST-OlderVersion

CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

digivir · #7 Příspěvek od **digivir** » 05 pro 2019 07:21

Provedeno, zasílám log. Ne vše se očividně udělalo.

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2019 01
Ran by Bodie (05-12-2019 07:16:07) Run:1
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Task: {1E927A07-3C5A-454C-9E0E-57F33140B06E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {26CF0F87-5B9F-4131-9ED6-27181E33C9D7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E557E97-341A-41B8-8D1F-34D29667BC30} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E5B7A8F-3AD2-462F-AA54-C7951D27370A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {31262510-DD01-4FA0-8F10-D62D26F51788} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {33DEDE63-AF2B-46F3-8E48-B13B369CF7DB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5469B8B6-54CC-439D-89AD-2AF7B435E91F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {85551388-E3B8-4561-9F61-D1DA670D78B7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A2B647DB-0272-4198-A03B-8F3C8004485C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {A4C000AB-5530-46C3-B521-997DDE638A57} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C392357B-D49D-48EF-A6EA-760CA227E5A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C49DBC36-88E6-4653-8CAE-295B7D837E82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-501826139-2012490160-4225290962-1001 -> DefaultScope {369A650A-B087-4C98-A0B0-6B89EBCAC80A} URL =
2019-12-03 22:11 - 2019-12-03 22:11 - 000000000 ____D C:\Users\Bodie\Desktop\FRST-OlderVersion

CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 1607
Average :
Sum : 811414571
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected

========= RD /S /Q "%WinDir%\System32\GroupPolicyUsers" =========

Syst‚m nem…§e nal‚zt uvedeně soubor.

========= End of CMD: =========

========= RD /S /Q "%WinDir%\System32\GroupPolicy" =========

Syst‚m nem…§e nal‚zt uvedeně soubor.

========= End of CMD: =========

========= gpupdate /force =========

Updating policy...

Computer Policy update has completed successfully.

User Policy update has completed successfully.

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E927A07-3C5A-454C-9E0E-57F33140B06E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E927A07-3C5A-454C-9E0E-57F33140B06E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26CF0F87-5B9F-4131-9ED6-27181E33C9D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26CF0F87-5B9F-4131-9ED6-27181E33C9D7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E557E97-341A-41B8-8D1F-34D29667BC30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E557E97-341A-41B8-8D1F-34D29667BC30}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E5B7A8F-3AD2-462F-AA54-C7951D27370A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E5B7A8F-3AD2-462F-AA54-C7951D27370A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31262510-DD01-4FA0-8F10-D62D26F51788}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31262510-DD01-4FA0-8F10-D62D26F51788}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33DEDE63-AF2B-46F3-8E48-B13B369CF7DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33DEDE63-AF2B-46F3-8E48-B13B369CF7DB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5469B8B6-54CC-439D-89AD-2AF7B435E91F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5469B8B6-54CC-439D-89AD-2AF7B435E91F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85551388-E3B8-4561-9F61-D1DA670D78B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85551388-E3B8-4561-9F61-D1DA670D78B7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2B647DB-0272-4198-A03B-8F3C8004485C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2B647DB-0272-4198-A03B-8F3C8004485C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4C000AB-5530-46C3-B521-997DDE638A57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4C000AB-5530-46C3-B521-997DDE638A57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C392357B-D49D-48EF-A6EA-760CA227E5A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C392357B-D49D-48EF-A6EA-760CA227E5A0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C49DBC36-88E6-4653-8CAE-295B7D837E82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C49DBC36-88E6-4653-8CAE-295B7D837E82}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client" => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-501826139-2012490160-4225290962-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\Users\Bodie\Desktop\FRST-OlderVersion => moved successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 523188443 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 17195049 B
Edge => 571837 B
Chrome => 0 B
Firefox => 1226761586 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3701004 B
systemprofile32 => 3701004 B
LocalService => 3701004 B
NetworkService => 3908188 B
Bodie => 13081492 B

RecycleBin => 156787 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-12-2019 07:19:32)

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully

==== End of Fixlog 07:19:33 ====

#8 Příspěvek od **Conder** » 05 pro 2019 21:59

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Nasledne poprosim aj o obidva nove logy z FRST

digivir · #9 Příspěvek od **digivir** » 05 pro 2019 22:28

Všechny tři logy zasílám v příloze.
Zkoušel jsem složku GroupPolicy i GroupPolicyUsers vyhledat, ale nikde jsem je nenašel.

#10 Příspěvek od **Conder** » 06 pro 2019 16:59

Logy uz vyzeraju OK, nastavenia Group Policy boli resetovane. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

digivir · #11 Příspěvek od **digivir** » 06 pro 2019 17:12

Vypadá to beze změny - při snaze zkontrolovat soubor přes Defender - pravé tlačítko a Zkontrolovat..., tak naskočí hláška "Stránka není k dispozici, Váš IT správce omezil přístup..."
A při cestě Start - Nastavení - Aktualizace a zabezpečení - Zabezpečení Windows - není zobrazeno nic z nabídky, vypadá to, jako by byl Defender neaktivní.

#12 Příspěvek od **Conder** » 07 pro 2019 00:50

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center|UILockdown

End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

digivir · #13 Příspěvek od **digivir** » 07 pro 2019 10:54

Provedeno, chování pořád stejné.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-12-2019
Ran by Bodie (07-12-2019 10:53:36) Run:3
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center|UILockdown

End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center" => not found

=== End of ExportKey ===
"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\\UILockdown" => not found

The system needed a reboot.

==== End of Fixlog 10:53:45 ====

#14 Příspěvek od **Conder** » 08 pro 2019 17:06

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
```
Start
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft
End
```
Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Pockaj na dokoncenie
Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Poprosim aj o obidva nove logy z FRST a screenshot z chybovej hlasky, ktora sa vyskytuje.

digivir · #15 Příspěvek od **digivir** » 08 pro 2019 22:38

Provedeno, zasílám vše v příloze.

Info_screen je v případě, že na soubor kliknu pravým tpačítkem a pokusím se spustit kontrolu přes Defender.

Info_screen2 je nabídka přes start / nastavení / aktualizace a zabezpečení / Zabezpečení windows. Po kliknutí na spustit se dostávám na stejnou obrazovku jako v předchozím případě.

Info_screen3 je pokud na první obrazovce najedu do nastavení / Spravovat poskytovatele.

Ještě jsem se díval a Defender nikde nevidím, tedy v Program FIles je složka Windows Defender s určitými soubory, ale není zde správný spustitelný soubor, v ovládacích panelech defender není, přes nabídku Start nejde najít,...

VIRY.CZ

Prosím o preventivní kontrolu logu kvůli blokaci defenderu

Prosím o preventivní kontrolu logu kvůli blokaci defenderu

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende