
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomalený NB, prosím o kontrolu logov
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Spomalený NB, prosím o kontrolu logov
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by PC (administrator) on DELL (30-01-2019 10:30:28)
Running from C:\Users\PC\Downloads
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Angličtina (USA)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [410608 2017-02-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-10-18] (Intel)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [DellSystemDetect] => C:\Users\PC\AppData\Local\Apps\2.0\AXP02MEK.TEW\LP903LAY.HQX\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-03-03] (Dell)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2018-05-26]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-12-30]
ShortcutTarget: Twitch.lnk -> C:\Users\PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 195.28.64.99 195.80.171.4
Tcpip\..\Interfaces\{67833ea8-559b-4b16-bdbf-916e387312d8}: [DhcpNameServer] 195.28.64.99 195.80.171.4
Internet Explorer:
==================
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-15] (Microsoft Corporation)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll [2013-06-07] (Amazon Inc.)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> hxxps://www.google.sk/
FF NewTabOverride: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\pavel.sherbakov@gmail.com.xpi [2019-01-21]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-09-06] [Legacy]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{6c3bd1f7-54d6-400f-b074-03b70bab4d71}.xpi [2017-12-16]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\searchplugins\ask-web-search.xml [2015-07-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2015-07-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWA64Plugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWAPlugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentácie) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2016-07-02]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-14]
CHR Extension: (Tabuľky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2016-07-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-15]
CHR Extension: (Speed Dial 2) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-22]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM-x32\...\Chrome\Extension: [cncgohepihcekklokhbhiblhfcmipbdh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehngeifmelphpllncobkmimphfkckne] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe [508512 2018-12-19] (AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-29] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmdag.sys [52749408 2018-12-19] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmpag.sys [590432 2018-12-19] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103712 2018-10-18] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2017-01-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 10:30 - 2019-01-30 10:31 - 000023361 _____ C:\Users\PC\Downloads\FRST.txt
2019-01-30 10:29 - 2019-01-30 10:30 - 000000000 ____D C:\FRST
2019-01-30 10:28 - 2019-01-30 10:29 - 002428416 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2019-01-28 12:38 - 2019-01-28 12:39 - 000144960 _____ C:\WINDOWS\ntbtlog.txt
2019-01-28 12:38 - 2019-01-28 12:38 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-28 11:26 - 2019-01-29 16:52 - 000003084 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-01-25 15:40 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-01-25 15:40 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-01-25 15:39 - 2019-01-25 15:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-01-25 15:24 - 2019-01-25 15:24 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iPod
2019-01-25 15:22 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iTunes
2019-01-25 15:22 - 2019-01-25 15:23 - 029278224 _____ (Intel Corporation) C:\Users\PC\Downloads\XTUSetup.exe
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2019-01-23 15:16 - 2019-01-23 15:34 - 000000000 ____D C:\Users\PC\Desktop\USB ADATA - kopia
2019-01-20 22:01 - 2019-01-20 22:01 - 000000570 _____ C:\Users\PC\Desktop\tulipány - Béreš.BPR
2019-01-18 20:11 - 2019-01-18 20:11 - 012243172 _____ C:\Users\PC\Desktop\Stromy 2019.pdf
2019-01-09 15:09 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:09 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:09 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:09 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:09 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:09 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:09 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:09 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:09 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:09 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 15:08 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:08 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:08 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:08 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:08 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:08 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:08 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-04 20:56 - 1995-01-01 01:00 - 000000044 _____ C:\Users\PC\Desktop\Track01.cda
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 10:12 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 10:11 - 2018-06-01 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 10:08 - 2018-06-01 09:47 - 000004134 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE1F8749-5733-4956-A39E-BC754026FB52}
2019-01-30 00:25 - 2015-03-22 09:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 22:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-29 16:52 - 2018-10-18 18:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-29 16:52 - 2018-06-01 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-29 16:52 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-29 16:52 - 2015-11-29 08:22 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2019-01-29 16:51 - 2018-10-18 19:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-29 16:51 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-29 16:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-29 14:28 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 14:27 - 2018-07-10 17:37 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 12:24 - 2018-06-01 09:47 - 000003344 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-59747867-2715415877-556145779-1001
2019-01-28 12:24 - 2018-06-01 09:10 - 000002356 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-28 12:24 - 2015-03-04 00:20 - 000000000 ___RD C:\Users\PC\OneDrive
2019-01-28 12:04 - 2016-11-20 12:33 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2019-01-25 15:53 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-25 15:53 - 2015-03-03 20:03 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-25 15:53 - 2015-03-03 01:40 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-25 15:53 - 2013-10-15 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-25 15:47 - 2013-10-15 19:48 - 000000000 ____D C:\ProgramData\Intel
2019-01-25 15:41 - 2018-12-30 17:13 - 000000000 ____D C:\Users\PC\AppData\Roaming\Twitch
2019-01-25 15:39 - 2013-10-15 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2019-01-25 15:26 - 2016-11-19 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-25 15:26 - 2015-03-15 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-25 15:19 - 2017-12-20 22:51 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2019-01-24 16:26 - 2018-06-04 16:26 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-23 15:16 - 2018-12-08 11:34 - 000000000 ____D C:\Users\PC\Desktop\USB - kopia
2019-01-22 18:13 - 2018-08-14 13:24 - 000000000 ____D C:\BEATA - C
2019-01-22 16:17 - 2017-03-14 17:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2019-01-22 16:13 - 2017-03-14 17:54 - 000001137 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-22 15:59 - 2015-03-15 17:52 - 000000712 _____ C:\Users\PC\Desktop\BEATA.lnk
2019-01-20 22:17 - 2017-12-20 22:10 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2019-01-19 15:23 - 2018-10-18 18:17 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-18 19:39 - 2018-11-17 12:33 - 000000000 ____D C:\Program Files\rempl
2019-01-17 21:35 - 2017-10-22 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2019-01-16 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 20:09 - 2015-03-04 00:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-13 15:25 - 2016-09-06 15:37 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:43 - 2015-03-02 21:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:33 - 2015-03-02 21:11 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 13:05 - 2018-06-01 09:47 - 000004560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-06 09:34 - 2015-11-11 13:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-11-15 10:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 10:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 10:50 - 2015-03-25 12:06 - 000001514 _____ C:\Users\PC\Desktop\Lazarus.lnk
==================== Files in the root of some directories =======
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-17 13:48 - 2017-07-17 13:48 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-01 09:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by PC (30-01-2019 10:31:29)
Running from C:\Users\PC\Downloads
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-01 08:48:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-59747867-2715415877-556145779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-59747867-2715415877-556145779-503 - Limited - Disabled)
Guest (S-1-5-21-59747867-2715415877-556145779-501 - Limited - Disabled)
PC (S-1-5-21-59747867-2715415877-556145779-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-59747867-2715415877-556145779-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon) <==== ATTENTION
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.3 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ESET Endpoint Antivirus (HKLM\...\{5E61428E-4390-4D59-95C3-CA10DF482083}) (Version: 5.0.2225.1 - ESET, spol s r. o.)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{12C50688-5919-4A7A-8784-B26A7238FCEE}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{400E7885-8851-43F1-849C-5A720CB4F001}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e5a12991-d0a9-4922-a125-fce431f55219}) (Version: 3.6.0.4 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{CB6A0A57-6479-4017-B4B2-3BB85EC79CEB}) (Version: 12.9.3.3 - Apple Inc.)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Lazarus 1.2.4 (HKLM\...\lazarus_is1) (Version: 1.2.4 - Lazarus Team)
Microsoft Lync Web App Plug-in (HKLM-x32\...\{51CF81C5-8540-44BB-8ABB-F8F4C0F2B971}) (Version: 15.8.20018.735 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30640.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 64.0.2 (x64 sk)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.2.6947 - Mozilla)
mtPaint 3.40 (HKLM-x32\...\mtPaint_is1) (Version: - Dmitry Groshev)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{641E7514-9647-105C-757D-A8F2C172D3BF}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{A85474B2-30B3-2757-1958-4483E958BE9E}) (Version: 1.00.1. - AMD) Hidden
Python 3.7.0 (32-bit) (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (32-bit) (HKLM-x32\...\{1960E5AE-BA13-4FA1-B0CE-55B9F0291903}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 5.2.1.1224 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SGP Baltie 3.0.71.76 (HKLM-x32\...\SGP Baltík 3_is1) (Version: - SGP Systems, s.r.o.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartPSS 2.02.0 (HKLM-x32\...\SmartPSS) (Version: 2.02.0 - )
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Twitch (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{93FDC294-0726-48EA-989D-50E89C67ABF0}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Callisto 4 (HKLM-x32\...\{B530C7EE-9C40-11D4-8583-004F4E03F091}) (Version: 4.0.2481.4 - ZONER software)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_SK_is1) (Version: 5.0.5000.16 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-59747867-2715415877-556145779-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\GatewayActiveX-x64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers2-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B5B7A-4040-4483-9FD7-C501A8927D0D} - \WPD\SqmUpload_S-1-5-21-59747867-2715415877-556145779-1001 -> No File <==== ATTENTION
Task: {0A248988-EE4A-462B-BEB9-786643EB0E74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {0BA72D0D-D60B-409C-978F-A9700FF9404D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {15171291-5481-436B-856E-9FDF9AF434FE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {16A631EC-28BF-480B-98DE-7657E4EA12B3} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfe33ea0c353 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {257509FF-56DE-4324-8265-6D745722E188} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D1B2A95-2342-4523-95A3-26A0B1D3A0A7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F084624-C729-47D4-8F37-3D3B3087FDBE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {632E2C08-0CB4-4533-AA1A-8189DFF5A5BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {643F42B2-A5E3-44EE-B138-E829F2030A65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67F59649-F451-4E59-87C1-4ED03E532B44} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {68EAFE63-EB1D-4A82-9808-DF0559991F30} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {6A60A4A7-A4E9-414F-AEDF-9FB1418EC8FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A95F88C-CA9B-4F85-87B8-37DE6F58A58E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {6BF7B3DB-FAF7-4FB6-A31A-D5593D04B7C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6EB89210-975E-479F-AFDD-670F92745001} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-09-26] (Synaptics Incorporated)
Task: {6FAAA82B-EF0C-426F-88A4-4D9F47E2D154} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {72D53C99-B624-4080-8E8B-51C578D70504} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {76E88FE8-A3E9-443F-BFE8-926E12AE239C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {7D54384B-31F5-433F-AB3C-61E1929F3CD9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {7E0D1DF3-E0EC-4216-AE82-67395F72C267} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {856029CE-CADD-4BB2-A50D-0F1D1DAFD47E} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {8719B7B5-7270-4FB6-BF20-AC7B622F55A4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {8F6F39A1-7DF2-4CDA-A43B-965FA8D03BBF} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-12-24] ()
Task: {90781BD0-A542-48DF-B302-4DC88A4BED01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {9571EB9E-873A-4CA8-8F13-9F5C50EE18EA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AB86CAD1-D6C3-48E6-BC18-C154603290FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BDB52989-2FF5-4F91-9239-77D56D932AD0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C409CBDD-0AEC-4E57-ABD4-37CFC15BF4E6} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {CA8BAA96-578B-434F-BB64-C31224F8CE1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CDD1E507-1B7A-416A-B71B-8DEDB3BE23EB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {D362FFBB-0FA6-4800-9037-1B2412C1B467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {D84A4084-B9DE-40F6-A0A3-796DFD7C3C62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {D9822DCF-6D0E-44FB-A37D-CB5E3A9043DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {E0781ED3-218B-403C-A4DA-9320D568C666} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {E7FFB253-D9B5-4640-83A6-3148A8D68C63} - System32\Tasks\{D374413C-15A6-4E2E-8F0F-96A509F2FDD6} => C:\WINDOWS\system32\pcalua.exe -a D:\start.exe -d D:\ -c zca4net.ctx
Task: {E94218FD-918A-4BAE-BF5A-59F6F76E14B0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EFC41E06-BD68-48F4-93BA-FE6C6AA3246D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F4DC831D-B6F5-4DAF-91FB-46314B109C00} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f3cfa88d44e2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PC\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-03-04 00:14 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-15 20:05 - 2012-04-25 03:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-09-19 00:51 - 2018-09-19 00:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 19:41 - 2015-12-24 05:29 - 001739952 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 20:34 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-23 01:14 - 2018-07-23 01:14 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-02-24 19:07 - 2017-02-24 19:07 - 000410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-09 15:09 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-23 18:10 - 2019-01-23 18:11 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-04 20:19 - 2018-10-04 20:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-23 18:10 - 2019-01-23 18:10 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-07 10:05 - 2018-11-07 10:06 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-17 16:43 - 2019-01-17 16:43 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2013-10-15 20:03 - 2012-06-08 04:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 10:24 - 2016-12-21 10:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2013-08-07 22:27 - 2013-08-07 22:27 - 000110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2013-10-15 19:48 - 2013-06-01 13:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 195.28.64.99 - 195.80.171.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Odoslanie do programu OneNote.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "WeatherBug"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{47D6AC27-7388-4A14-ACB3-F807EF8E9578}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [UDP Query User{44C0892B-2AA4-4853-9471-5061AE5214C3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{1D92281C-E484-40E4-BB82-0F7369F4D121}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [{DCDD8281-8ED8-4727-81EF-932339B8DA94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF0E5290-F93D-4F47-8293-80BB0C010BC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{3C539A0C-B20B-49E7-B5BF-363AF86D6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79DACAE1-41B7-4DAB-8414-7DEF7E2A5469}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
FirewallRules: [{0F325A8E-1DC9-420C-9E88-9AA4FBF968E7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{555D19B8-199D-403B-842C-A1AA658779FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{25477EC7-CA0E-4727-8E8B-D2C172A0E6F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{A0E4B23F-E218-4564-81CE-1E3605F14CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{30AF35B5-0AC1-4E18-951B-BEA2DDF20599}] => (Allow) LPort=2869
FirewallRules: [{8379E442-DD20-4D0C-BE8D-DDFFFB33FD1C}] => (Allow) LPort=1900
FirewallRules: [{5C341CDB-BC63-4625-8FA9-2A1B840ABE90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{625811B6-EE19-462D-9CB4-51366EB7D4CF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [TCP Query User{55DF7898-883A-42E5-B664-E0441BCC71BB}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [UDP Query User{40A0BD19-8C45-4E9F-8212-72749E8A19F8}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [TCP Query User{6AF7D5CD-BD20-4972-B556-F20262FD8252}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{F155DFBD-C08F-40B0-BAEA-E9E3351486C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{2641C3BE-3734-47EB-AEC2-48F656FC372B}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [UDP Query User{10E0D422-CE56-4717-9695-2CAEDAE5DB8E}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [TCP Query User{53843B4E-A846-44E1-9329-A151960DE920}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{647C6AEF-8AA9-4402-B048-D204C827FA2C}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [{E005A339-601F-4DD9-8A5C-78CCEDC3271A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{CB11E425-466B-4CAF-AAF0-DBECCF0F516B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EA257FD9-3346-445D-B1C8-25762CE4B11D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{00432F27-7E28-4EF5-BD69-CCD91B13CDB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{29DE1495-419E-48B6-94A9-C9CAEDE9069F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AD788316-0F0A-438E-93BB-CC52310DDF1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{695A40C3-4767-43F5-92B7-CAC69182A32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{D5B94C70-5B75-4AB4-981A-1693174FD208}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{78F96B74-BCF8-46D3-A38D-7B70BB912D8E}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{12F59E3A-0A20-44F7-A50D-582A5A980405}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [{ED310E81-1993-4BB9-AE0E-6B2FF9B77BB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{4B4292D7-872C-41A9-997F-BA717C835CE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
17-01-2019 17:15:08 Scheduled Checkpoint
28-01-2019 11:37:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2019 10:25:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Dell)
Description: httphttp-2147467263
Error: (01/30/2019 10:07:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 09:06:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 08:05:04 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 07:04:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 06:03:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 05:02:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 04:02:01 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (01/30/2019 10:21:38 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:51 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:51 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:50 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:50 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 31%
Total physical RAM: 7908.96 MB
Available physical RAM: 5428.88 MB
Total Virtual: 9188.96 MB
Available Virtual: 6533.38 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:292.15 GB) (Free:38.88 GB) NTFS
Drive e: () (Fixed) (Total:625.02 GB) (Free:172.82 GB) NTFS
\\?\Volume{6b723fca-7ca8-4185-ba39-f9d013817b69}\ (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
\\?\Volume{2f637da8-09f6-42d6-a98e-e9e430c56898}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{e5350e30-3191-4427-b802-595da6d434e7}\ (PBR Image) (Fixed) (Total:12.39 GB) (Free:0.71 GB) NTFS
\\?\Volume{d4b43b03-c251-4358-8377-de09233073c3}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E884AF)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by PC (administrator) on DELL (30-01-2019 10:30:28)
Running from C:\Users\PC\Downloads
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Angličtina (USA)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [410608 2017-02-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-10-18] (Intel)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-09-23] ()
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [DellSystemDetect] => C:\Users\PC\AppData\Local\Apps\2.0\AXP02MEK.TEW\LP903LAY.HQX\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-03-03] (Dell)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2018-05-26]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-12-30]
ShortcutTarget: Twitch.lnk -> C:\Users\PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 195.28.64.99 195.80.171.4
Tcpip\..\Interfaces\{67833ea8-559b-4b16-bdbf-916e387312d8}: [DhcpNameServer] 195.28.64.99 195.80.171.4
Internet Explorer:
==================
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-15] (Microsoft Corporation)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: The Amazon 1Button App for IE -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> C:\AmazonAppIE.dll [2013-06-07] (Amazon Inc.)
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> hxxps://www.google.sk/
FF NewTabOverride: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\pavel.sherbakov@gmail.com.xpi [2019-01-21]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-09-06] [Legacy]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{6c3bd1f7-54d6-400f-b074-03b70bab4d71}.xpi [2017-12-16]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\searchplugins\ask-web-search.xml [2015-07-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2015-07-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWA64Plugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWAPlugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentácie) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2016-07-02]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-14]
CHR Extension: (Tabuľky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2016-07-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-15]
CHR Extension: (Speed Dial 2) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-04-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-22]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM-x32\...\Chrome\Extension: [cncgohepihcekklokhbhiblhfcmipbdh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehngeifmelphpllncobkmimphfkckne] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe [508512 2018-12-19] (AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-29] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmdag.sys [52749408 2018-12-19] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmpag.sys [590432 2018-12-19] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103712 2018-10-18] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2017-01-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 10:30 - 2019-01-30 10:31 - 000023361 _____ C:\Users\PC\Downloads\FRST.txt
2019-01-30 10:29 - 2019-01-30 10:30 - 000000000 ____D C:\FRST
2019-01-30 10:28 - 2019-01-30 10:29 - 002428416 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2019-01-28 12:38 - 2019-01-28 12:39 - 000144960 _____ C:\WINDOWS\ntbtlog.txt
2019-01-28 12:38 - 2019-01-28 12:38 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-28 11:26 - 2019-01-29 16:52 - 000003084 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-01-25 15:40 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-01-25 15:40 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-01-25 15:39 - 2019-01-25 15:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-01-25 15:24 - 2019-01-25 15:24 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iPod
2019-01-25 15:22 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iTunes
2019-01-25 15:22 - 2019-01-25 15:23 - 029278224 _____ (Intel Corporation) C:\Users\PC\Downloads\XTUSetup.exe
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2019-01-23 15:16 - 2019-01-23 15:34 - 000000000 ____D C:\Users\PC\Desktop\USB ADATA - kopia
2019-01-20 22:01 - 2019-01-20 22:01 - 000000570 _____ C:\Users\PC\Desktop\tulipány - Béreš.BPR
2019-01-18 20:11 - 2019-01-18 20:11 - 012243172 _____ C:\Users\PC\Desktop\Stromy 2019.pdf
2019-01-09 15:09 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:09 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:09 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:09 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:09 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:09 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:09 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:09 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:09 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:09 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 15:08 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:08 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:08 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:08 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:08 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:08 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:08 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-04 20:56 - 1995-01-01 01:00 - 000000044 _____ C:\Users\PC\Desktop\Track01.cda
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 10:12 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 10:11 - 2018-06-01 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 10:08 - 2018-06-01 09:47 - 000004134 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE1F8749-5733-4956-A39E-BC754026FB52}
2019-01-30 00:25 - 2015-03-22 09:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 22:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-29 16:52 - 2018-10-18 18:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-29 16:52 - 2018-06-01 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-29 16:52 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-29 16:52 - 2015-11-29 08:22 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2019-01-29 16:51 - 2018-10-18 19:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-29 16:51 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-29 16:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-29 14:28 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 14:27 - 2018-07-10 17:37 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 12:24 - 2018-06-01 09:47 - 000003344 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-59747867-2715415877-556145779-1001
2019-01-28 12:24 - 2018-06-01 09:10 - 000002356 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-28 12:24 - 2015-03-04 00:20 - 000000000 ___RD C:\Users\PC\OneDrive
2019-01-28 12:04 - 2016-11-20 12:33 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2019-01-25 15:53 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-25 15:53 - 2015-03-03 20:03 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-25 15:53 - 2015-03-03 01:40 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-25 15:53 - 2013-10-15 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-25 15:47 - 2013-10-15 19:48 - 000000000 ____D C:\ProgramData\Intel
2019-01-25 15:41 - 2018-12-30 17:13 - 000000000 ____D C:\Users\PC\AppData\Roaming\Twitch
2019-01-25 15:39 - 2013-10-15 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2019-01-25 15:26 - 2016-11-19 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-25 15:26 - 2015-03-15 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-25 15:19 - 2017-12-20 22:51 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2019-01-24 16:26 - 2018-06-04 16:26 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-23 15:16 - 2018-12-08 11:34 - 000000000 ____D C:\Users\PC\Desktop\USB - kopia
2019-01-22 18:13 - 2018-08-14 13:24 - 000000000 ____D C:\BEATA - C
2019-01-22 16:17 - 2017-03-14 17:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2019-01-22 16:13 - 2017-03-14 17:54 - 000001137 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-22 15:59 - 2015-03-15 17:52 - 000000712 _____ C:\Users\PC\Desktop\BEATA.lnk
2019-01-20 22:17 - 2017-12-20 22:10 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2019-01-19 15:23 - 2018-10-18 18:17 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-18 19:39 - 2018-11-17 12:33 - 000000000 ____D C:\Program Files\rempl
2019-01-17 21:35 - 2017-10-22 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2019-01-16 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 20:09 - 2015-03-04 00:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-13 15:25 - 2016-09-06 15:37 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:43 - 2015-03-02 21:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:33 - 2015-03-02 21:11 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 13:05 - 2018-06-01 09:47 - 000004560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-06 09:34 - 2015-11-11 13:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-11-15 10:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 10:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 10:50 - 2015-03-25 12:06 - 000001514 _____ C:\Users\PC\Desktop\Lazarus.lnk
==================== Files in the root of some directories =======
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-17 13:48 - 2017-07-17 13:48 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-01 09:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by PC (30-01-2019 10:31:29)
Running from C:\Users\PC\Downloads
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-01 08:48:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-59747867-2715415877-556145779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-59747867-2715415877-556145779-503 - Limited - Disabled)
Guest (S-1-5-21-59747867-2715415877-556145779-501 - Limited - Disabled)
PC (S-1-5-21-59747867-2715415877-556145779-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-59747867-2715415877-556145779-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Amazon 1Button App for Windows Taskbar (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.2 - Amazon) <==== ATTENTION
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.3 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ESET Endpoint Antivirus (HKLM\...\{5E61428E-4390-4D59-95C3-CA10DF482083}) (Version: 5.0.2225.1 - ESET, spol s r. o.)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{12C50688-5919-4A7A-8784-B26A7238FCEE}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{400E7885-8851-43F1-849C-5A720CB4F001}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e5a12991-d0a9-4922-a125-fce431f55219}) (Version: 3.6.0.4 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{CB6A0A57-6479-4017-B4B2-3BB85EC79CEB}) (Version: 12.9.3.3 - Apple Inc.)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Lazarus 1.2.4 (HKLM\...\lazarus_is1) (Version: 1.2.4 - Lazarus Team)
Microsoft Lync Web App Plug-in (HKLM-x32\...\{51CF81C5-8540-44BB-8ABB-F8F4C0F2B971}) (Version: 15.8.20018.735 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30640.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 64.0.2 (x64 sk)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.2.6947 - Mozilla)
mtPaint 3.40 (HKLM-x32\...\mtPaint_is1) (Version: - Dmitry Groshev)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{641E7514-9647-105C-757D-A8F2C172D3BF}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{A85474B2-30B3-2757-1958-4483E958BE9E}) (Version: 1.00.1. - AMD) Hidden
Python 3.7.0 (32-bit) (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (32-bit) (HKLM-x32\...\{1960E5AE-BA13-4FA1-B0CE-55B9F0291903}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 5.2.1.1224 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SGP Baltie 3.0.71.76 (HKLM-x32\...\SGP Baltík 3_is1) (Version: - SGP Systems, s.r.o.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartPSS 2.02.0 (HKLM-x32\...\SmartPSS) (Version: 2.02.0 - )
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Twitch (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{93FDC294-0726-48EA-989D-50E89C67ABF0}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.)
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Callisto 4 (HKLM-x32\...\{B530C7EE-9C40-11D4-8583-004F4E03F091}) (Version: 4.0.2481.4 - ZONER software)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_SK_is1) (Version: 5.0.5000.16 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-59747867-2715415877-556145779-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\GatewayActiveX-x64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers2-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B5B7A-4040-4483-9FD7-C501A8927D0D} - \WPD\SqmUpload_S-1-5-21-59747867-2715415877-556145779-1001 -> No File <==== ATTENTION
Task: {0A248988-EE4A-462B-BEB9-786643EB0E74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {0BA72D0D-D60B-409C-978F-A9700FF9404D} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {15171291-5481-436B-856E-9FDF9AF434FE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {16A631EC-28BF-480B-98DE-7657E4EA12B3} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfe33ea0c353 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {257509FF-56DE-4324-8265-6D745722E188} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D1B2A95-2342-4523-95A3-26A0B1D3A0A7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F084624-C729-47D4-8F37-3D3B3087FDBE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {632E2C08-0CB4-4533-AA1A-8189DFF5A5BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {643F42B2-A5E3-44EE-B138-E829F2030A65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67F59649-F451-4E59-87C1-4ED03E532B44} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {68EAFE63-EB1D-4A82-9808-DF0559991F30} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {6A60A4A7-A4E9-414F-AEDF-9FB1418EC8FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A95F88C-CA9B-4F85-87B8-37DE6F58A58E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {6BF7B3DB-FAF7-4FB6-A31A-D5593D04B7C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6EB89210-975E-479F-AFDD-670F92745001} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-09-26] (Synaptics Incorporated)
Task: {6FAAA82B-EF0C-426F-88A4-4D9F47E2D154} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {72D53C99-B624-4080-8E8B-51C578D70504} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {76E88FE8-A3E9-443F-BFE8-926E12AE239C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {7D54384B-31F5-433F-AB3C-61E1929F3CD9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {7E0D1DF3-E0EC-4216-AE82-67395F72C267} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {856029CE-CADD-4BB2-A50D-0F1D1DAFD47E} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {8719B7B5-7270-4FB6-BF20-AC7B622F55A4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {8F6F39A1-7DF2-4CDA-A43B-965FA8D03BBF} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-12-24] ()
Task: {90781BD0-A542-48DF-B302-4DC88A4BED01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {9571EB9E-873A-4CA8-8F13-9F5C50EE18EA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {AB86CAD1-D6C3-48E6-BC18-C154603290FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BDB52989-2FF5-4F91-9239-77D56D932AD0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C409CBDD-0AEC-4E57-ABD4-37CFC15BF4E6} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {CA8BAA96-578B-434F-BB64-C31224F8CE1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CDD1E507-1B7A-416A-B71B-8DEDB3BE23EB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {D362FFBB-0FA6-4800-9037-1B2412C1B467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {D84A4084-B9DE-40F6-A0A3-796DFD7C3C62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {D9822DCF-6D0E-44FB-A37D-CB5E3A9043DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {E0781ED3-218B-403C-A4DA-9320D568C666} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {E7FFB253-D9B5-4640-83A6-3148A8D68C63} - System32\Tasks\{D374413C-15A6-4E2E-8F0F-96A509F2FDD6} => C:\WINDOWS\system32\pcalua.exe -a D:\start.exe -d D:\ -c zca4net.ctx
Task: {E94218FD-918A-4BAE-BF5A-59F6F76E14B0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EFC41E06-BD68-48F4-93BA-FE6C6AA3246D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F4DC831D-B6F5-4DAF-91FB-46314B109C00} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f3cfa88d44e2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PC\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-03-04 00:14 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-15 20:05 - 2012-04-25 03:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-09-19 00:51 - 2018-09-19 00:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 19:41 - 2015-12-24 05:29 - 001739952 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 20:34 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-07-23 01:14 - 2018-07-23 01:14 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2017-02-24 19:07 - 2017-02-24 19:07 - 000410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2019-01-09 15:09 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-23 18:10 - 2019-01-23 18:11 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-04 20:19 - 2018-10-04 20:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-23 18:10 - 2019-01-23 18:10 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-07 10:05 - 2018-11-07 10:06 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-17 16:43 - 2019-01-17 16:43 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2013-10-15 20:03 - 2012-06-08 04:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 10:24 - 2016-12-21 10:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2013-08-07 22:27 - 2013-08-07 22:27 - 000110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2013-10-15 19:48 - 2013-06-01 13:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 195.28.64.99 - 195.80.171.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Odoslanie do programu OneNote.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "WeatherBug"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{47D6AC27-7388-4A14-ACB3-F807EF8E9578}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [UDP Query User{44C0892B-2AA4-4853-9471-5061AE5214C3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{1D92281C-E484-40E4-BB82-0F7369F4D121}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [{DCDD8281-8ED8-4727-81EF-932339B8DA94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF0E5290-F93D-4F47-8293-80BB0C010BC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{3C539A0C-B20B-49E7-B5BF-363AF86D6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79DACAE1-41B7-4DAB-8414-7DEF7E2A5469}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
FirewallRules: [{0F325A8E-1DC9-420C-9E88-9AA4FBF968E7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{555D19B8-199D-403B-842C-A1AA658779FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{25477EC7-CA0E-4727-8E8B-D2C172A0E6F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{A0E4B23F-E218-4564-81CE-1E3605F14CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{30AF35B5-0AC1-4E18-951B-BEA2DDF20599}] => (Allow) LPort=2869
FirewallRules: [{8379E442-DD20-4D0C-BE8D-DDFFFB33FD1C}] => (Allow) LPort=1900
FirewallRules: [{5C341CDB-BC63-4625-8FA9-2A1B840ABE90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{625811B6-EE19-462D-9CB4-51366EB7D4CF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [TCP Query User{55DF7898-883A-42E5-B664-E0441BCC71BB}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [UDP Query User{40A0BD19-8C45-4E9F-8212-72749E8A19F8}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [TCP Query User{6AF7D5CD-BD20-4972-B556-F20262FD8252}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{F155DFBD-C08F-40B0-BAEA-E9E3351486C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{2641C3BE-3734-47EB-AEC2-48F656FC372B}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [UDP Query User{10E0D422-CE56-4717-9695-2CAEDAE5DB8E}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [TCP Query User{53843B4E-A846-44E1-9329-A151960DE920}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{647C6AEF-8AA9-4402-B048-D204C827FA2C}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [{E005A339-601F-4DD9-8A5C-78CCEDC3271A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{CB11E425-466B-4CAF-AAF0-DBECCF0F516B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EA257FD9-3346-445D-B1C8-25762CE4B11D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{00432F27-7E28-4EF5-BD69-CCD91B13CDB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{29DE1495-419E-48B6-94A9-C9CAEDE9069F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AD788316-0F0A-438E-93BB-CC52310DDF1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{695A40C3-4767-43F5-92B7-CAC69182A32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{D5B94C70-5B75-4AB4-981A-1693174FD208}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{78F96B74-BCF8-46D3-A38D-7B70BB912D8E}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{12F59E3A-0A20-44F7-A50D-582A5A980405}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [{ED310E81-1993-4BB9-AE0E-6B2FF9B77BB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{4B4292D7-872C-41A9-997F-BA717C835CE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
17-01-2019 17:15:08 Scheduled Checkpoint
28-01-2019 11:37:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2019 10:25:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Dell)
Description: httphttp-2147467263
Error: (01/30/2019 10:07:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 09:06:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 08:05:04 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 07:04:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 06:03:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 05:02:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 04:02:01 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (01/30/2019 10:21:38 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:51 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:51 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:50 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:50 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 10:11:36 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 31%
Total physical RAM: 7908.96 MB
Available physical RAM: 5428.88 MB
Total Virtual: 9188.96 MB
Available Virtual: 6533.38 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:292.15 GB) (Free:38.88 GB) NTFS
Drive e: () (Fixed) (Total:625.02 GB) (Free:172.82 GB) NTFS
\\?\Volume{6b723fca-7ca8-4185-ba39-f9d013817b69}\ (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
\\?\Volume{2f637da8-09f6-42d6-a98e-e9e430c56898}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{e5350e30-3191-4427-b802-595da6d434e7}\ (PBR Image) (Fixed) (Total:12.39 GB) (Free:0.71 GB) NTFS
\\?\Volume{d4b43b03-c251-4358-8377-de09233073c3}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E884AF)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Spomalený NB, prosím o kontrolu logov
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Spomalený NB, prosím o kontrolu logov
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2019
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 31
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
Deleted C:\Program Files\Earth Networks
***** [ Files ] *****
Deleted C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\searchplugins\ask-web-search.xml
Deleted C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WeatherBug
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WeatherBug
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBug®
Deleted HKCU\Software\Earth Networks
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Deleted HKCU\Software\distromatic
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|WeatherBug.exe
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
***** [ Chromium (and derivatives) ] *****
Deleted Yandex Search and Startpage
Deleted ????? ??????a
Deleted ????????? — ??????
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4374 octets] - [30/01/2019 11:20:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2019
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 31
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
Deleted C:\Program Files\Earth Networks
***** [ Files ] *****
Deleted C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\searchplugins\ask-web-search.xml
Deleted C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|WeatherBug
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|WeatherBug
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBug®
Deleted HKCU\Software\Earth Networks
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Deleted HKCU\Software\distromatic
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|WeatherBug.exe
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
***** [ Chromium (and derivatives) ] *****
Deleted Yandex Search and Startpage
Deleted ????? ??????a
Deleted ????????? — ??????
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4374 octets] - [30/01/2019 11:20:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Spomalený NB, prosím o kontrolu logov
Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Spomalený NB, prosím o kontrolu logov
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by PC (administrator) on DELL (30-01-2019 12:15:41)
Running from C:\Users\PC\Downloads\FRST
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Angličtina (USA)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [410608 2017-02-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-10-18] (Intel)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [DellSystemDetect] => C:\Users\PC\AppData\Local\Apps\2.0\AXP02MEK.TEW\LP903LAY.HQX\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-03-03] (Dell)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2018-05-26]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-12-30]
ShortcutTarget: Twitch.lnk -> C:\Users\PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 195.28.64.99 195.80.171.4
Tcpip\..\Interfaces\{67833ea8-559b-4b16-bdbf-916e387312d8}: [DhcpNameServer] 195.28.64.99 195.80.171.4
Internet Explorer:
==================
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-15] (Microsoft Corporation)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> hxxps://www.google.sk/
FF NewTabOverride: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\pavel.sherbakov@gmail.com.xpi [2019-01-21]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-09-06] [Legacy]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{6c3bd1f7-54d6-400f-b074-03b70bab4d71}.xpi [2017-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2015-07-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWA64Plugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWAPlugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentácie) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-14]
CHR Extension: (Tabuľky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-15]
CHR Extension: (Speed Dial 2) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-04-22]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-22]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM-x32\...\Chrome\Extension: [cncgohepihcekklokhbhiblhfcmipbdh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehngeifmelphpllncobkmimphfkckne] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe [508512 2018-12-19] (AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-29] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmdag.sys [52749408 2018-12-19] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmpag.sys [590432 2018-12-19] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103712 2018-10-18] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2017-01-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 11:19 - 2019-01-30 11:21 - 000000000 ____D C:\AdwCleaner
2019-01-30 11:17 - 2019-01-30 11:18 - 007320272 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.6.0.exe
2019-01-30 11:04 - 2019-01-30 12:15 - 000000000 ____D C:\Users\PC\Downloads\FRST
2019-01-30 10:29 - 2019-01-30 12:15 - 000000000 ____D C:\FRST
2019-01-28 12:38 - 2019-01-28 12:39 - 000144960 _____ C:\WINDOWS\ntbtlog.txt
2019-01-28 12:38 - 2019-01-28 12:38 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-28 11:26 - 2019-01-30 11:23 - 000003084 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-01-25 15:40 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-01-25 15:40 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-01-25 15:39 - 2019-01-25 15:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-01-25 15:24 - 2019-01-25 15:24 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iPod
2019-01-25 15:22 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iTunes
2019-01-25 15:22 - 2019-01-25 15:23 - 029278224 _____ (Intel Corporation) C:\Users\PC\Downloads\XTUSetup.exe
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2019-01-23 15:16 - 2019-01-23 15:34 - 000000000 ____D C:\Users\PC\Desktop\USB ADATA - kopia
2019-01-20 22:01 - 2019-01-20 22:01 - 000000570 _____ C:\Users\PC\Desktop\tulipány - Béreš.BPR
2019-01-18 20:11 - 2019-01-18 20:11 - 012243172 _____ C:\Users\PC\Desktop\Stromy 2019.pdf
2019-01-09 15:09 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:09 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:09 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:09 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:09 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:09 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:09 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:09 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:09 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:09 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 15:08 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:08 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:08 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:08 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:08 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:08 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:08 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-04 20:56 - 1995-01-01 01:00 - 000000044 _____ C:\Users\PC\Desktop\Track01.cda
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 12:13 - 2018-06-01 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 11:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 11:23 - 2018-10-18 18:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-30 11:23 - 2018-06-01 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 11:23 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 11:23 - 2015-11-29 08:22 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2019-01-30 11:22 - 2018-10-18 19:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-30 11:22 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 10:08 - 2018-06-01 09:47 - 000004134 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE1F8749-5733-4956-A39E-BC754026FB52}
2019-01-30 00:25 - 2015-03-22 09:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 22:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-29 16:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-29 14:28 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 14:27 - 2018-07-10 17:37 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 12:24 - 2018-06-01 09:47 - 000003344 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-59747867-2715415877-556145779-1001
2019-01-28 12:24 - 2018-06-01 09:10 - 000002356 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-28 12:24 - 2015-03-04 00:20 - 000000000 ___RD C:\Users\PC\OneDrive
2019-01-28 12:04 - 2016-11-20 12:33 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2019-01-25 15:53 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-25 15:53 - 2015-03-03 20:03 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-25 15:53 - 2015-03-03 01:40 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-25 15:53 - 2013-10-15 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-25 15:47 - 2013-10-15 19:48 - 000000000 ____D C:\ProgramData\Intel
2019-01-25 15:41 - 2018-12-30 17:13 - 000000000 ____D C:\Users\PC\AppData\Roaming\Twitch
2019-01-25 15:39 - 2013-10-15 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2019-01-25 15:26 - 2016-11-19 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-25 15:26 - 2015-03-15 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-25 15:19 - 2017-12-20 22:51 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2019-01-24 16:26 - 2018-06-04 16:26 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-23 15:16 - 2018-12-08 11:34 - 000000000 ____D C:\Users\PC\Desktop\USB - kopia
2019-01-22 18:13 - 2018-08-14 13:24 - 000000000 ____D C:\BEATA - C
2019-01-22 16:17 - 2017-03-14 17:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2019-01-22 16:13 - 2017-03-14 17:54 - 000001137 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-22 15:59 - 2015-03-15 17:52 - 000000712 _____ C:\Users\PC\Desktop\BEATA.lnk
2019-01-20 22:17 - 2017-12-20 22:10 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2019-01-19 15:23 - 2018-10-18 18:17 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-18 19:39 - 2018-11-17 12:33 - 000000000 ____D C:\Program Files\rempl
2019-01-17 21:35 - 2017-10-22 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2019-01-16 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 20:09 - 2015-03-04 00:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-13 15:25 - 2016-09-06 15:37 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:43 - 2015-03-02 21:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:33 - 2015-03-02 21:11 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 13:05 - 2018-06-01 09:47 - 000004560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-06 09:34 - 2015-11-11 13:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-11-15 10:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 10:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 10:50 - 2015-03-25 12:06 - 000001514 _____ C:\Users\PC\Desktop\Lazarus.lnk
==================== Files in the root of some directories =======
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-17 13:48 - 2017-07-17 13:48 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-01 09:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by PC (30-01-2019 12:16:41)
Running from C:\Users\PC\Downloads\FRST
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-01 08:48:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-59747867-2715415877-556145779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-59747867-2715415877-556145779-503 - Limited - Disabled)
Guest (S-1-5-21-59747867-2715415877-556145779-501 - Limited - Disabled)
PC (S-1-5-21-59747867-2715415877-556145779-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-59747867-2715415877-556145779-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.3 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ESET Endpoint Antivirus (HKLM\...\{5E61428E-4390-4D59-95C3-CA10DF482083}) (Version: 5.0.2225.1 - ESET, spol s r. o.)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{12C50688-5919-4A7A-8784-B26A7238FCEE}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{400E7885-8851-43F1-849C-5A720CB4F001}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e5a12991-d0a9-4922-a125-fce431f55219}) (Version: 3.6.0.4 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{CB6A0A57-6479-4017-B4B2-3BB85EC79CEB}) (Version: 12.9.3.3 - Apple Inc.)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Lazarus 1.2.4 (HKLM\...\lazarus_is1) (Version: 1.2.4 - Lazarus Team)
Microsoft Lync Web App Plug-in (HKLM-x32\...\{51CF81C5-8540-44BB-8ABB-F8F4C0F2B971}) (Version: 15.8.20018.735 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30640.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 64.0.2 (x64 sk)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.2.6947 - Mozilla)
mtPaint 3.40 (HKLM-x32\...\mtPaint_is1) (Version: - Dmitry Groshev)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{641E7514-9647-105C-757D-A8F2C172D3BF}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{A85474B2-30B3-2757-1958-4483E958BE9E}) (Version: 1.00.1. - AMD) Hidden
Python 3.7.0 (32-bit) (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (32-bit) (HKLM-x32\...\{1960E5AE-BA13-4FA1-B0CE-55B9F0291903}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 5.2.1.1224 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SGP Baltie 3.0.71.76 (HKLM-x32\...\SGP Baltík 3_is1) (Version: - SGP Systems, s.r.o.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartPSS 2.02.0 (HKLM-x32\...\SmartPSS) (Version: 2.02.0 - )
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Twitch (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{93FDC294-0726-48EA-989D-50E89C67ABF0}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Callisto 4 (HKLM-x32\...\{B530C7EE-9C40-11D4-8583-004F4E03F091}) (Version: 4.0.2481.4 - ZONER software)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_SK_is1) (Version: 5.0.5000.16 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-59747867-2715415877-556145779-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\GatewayActiveX-x64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers2-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B5B7A-4040-4483-9FD7-C501A8927D0D} - \WPD\SqmUpload_S-1-5-21-59747867-2715415877-556145779-1001 -> No File <==== ATTENTION
Task: {0A248988-EE4A-462B-BEB9-786643EB0E74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {15171291-5481-436B-856E-9FDF9AF434FE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {16A631EC-28BF-480B-98DE-7657E4EA12B3} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfe33ea0c353 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {257509FF-56DE-4324-8265-6D745722E188} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D1B2A95-2342-4523-95A3-26A0B1D3A0A7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F084624-C729-47D4-8F37-3D3B3087FDBE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {632E2C08-0CB4-4533-AA1A-8189DFF5A5BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {643F42B2-A5E3-44EE-B138-E829F2030A65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67F59649-F451-4E59-87C1-4ED03E532B44} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {68EAFE63-EB1D-4A82-9808-DF0559991F30} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {6A60A4A7-A4E9-414F-AEDF-9FB1418EC8FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A95F88C-CA9B-4F85-87B8-37DE6F58A58E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {6BF7B3DB-FAF7-4FB6-A31A-D5593D04B7C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6EB89210-975E-479F-AFDD-670F92745001} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-09-26] (Synaptics Incorporated)
Task: {6FAAA82B-EF0C-426F-88A4-4D9F47E2D154} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {72D53C99-B624-4080-8E8B-51C578D70504} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {76E88FE8-A3E9-443F-BFE8-926E12AE239C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {7D54384B-31F5-433F-AB3C-61E1929F3CD9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {7E0D1DF3-E0EC-4216-AE82-67395F72C267} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {856029CE-CADD-4BB2-A50D-0F1D1DAFD47E} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {8719B7B5-7270-4FB6-BF20-AC7B622F55A4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {8F6F39A1-7DF2-4CDA-A43B-965FA8D03BBF} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-12-24] ()
Task: {90781BD0-A542-48DF-B302-4DC88A4BED01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {9571EB9E-873A-4CA8-8F13-9F5C50EE18EA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A2AA3A37-A9F7-457E-8C10-BE5DB2B9F35B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {AB86CAD1-D6C3-48E6-BC18-C154603290FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BDB52989-2FF5-4F91-9239-77D56D932AD0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C409CBDD-0AEC-4E57-ABD4-37CFC15BF4E6} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {CA8BAA96-578B-434F-BB64-C31224F8CE1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CDD1E507-1B7A-416A-B71B-8DEDB3BE23EB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {D362FFBB-0FA6-4800-9037-1B2412C1B467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {D84A4084-B9DE-40F6-A0A3-796DFD7C3C62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {D9822DCF-6D0E-44FB-A37D-CB5E3A9043DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {E0781ED3-218B-403C-A4DA-9320D568C666} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {E7FFB253-D9B5-4640-83A6-3148A8D68C63} - System32\Tasks\{D374413C-15A6-4E2E-8F0F-96A509F2FDD6} => C:\WINDOWS\system32\pcalua.exe -a D:\start.exe -d D:\ -c zca4net.ctx
Task: {E94218FD-918A-4BAE-BF5A-59F6F76E14B0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EFC41E06-BD68-48F4-93BA-FE6C6AA3246D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F4DC831D-B6F5-4DAF-91FB-46314B109C00} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f3cfa88d44e2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PC\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-03-04 00:14 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-15 20:05 - 2012-04-25 03:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2016-03-18 19:41 - 2015-12-24 05:29 - 001739952 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2017-02-24 19:07 - 2017-02-24 19:07 - 000410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 20:34 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-23 18:10 - 2019-01-23 18:11 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-04 20:19 - 2018-10-04 20:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-23 18:10 - 2019-01-23 18:10 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-07 10:05 - 2018-11-07 10:06 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-25 14:39 - 2019-01-25 14:39 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-25 14:39 - 2019-01-25 14:39 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-25 14:39 - 2019-01-25 14:39 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-17 16:43 - 2019-01-17 16:43 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2013-10-15 20:03 - 2012-06-08 04:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 10:24 - 2016-12-21 10:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2013-08-07 22:27 - 2013-08-07 22:27 - 000110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2013-10-15 19:48 - 2013-06-01 13:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 195.28.64.99 - 195.80.171.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Odoslanie do programu OneNote.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "DellSystemDetect"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{47D6AC27-7388-4A14-ACB3-F807EF8E9578}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [UDP Query User{44C0892B-2AA4-4853-9471-5061AE5214C3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{1D92281C-E484-40E4-BB82-0F7369F4D121}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [{DCDD8281-8ED8-4727-81EF-932339B8DA94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF0E5290-F93D-4F47-8293-80BB0C010BC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{3C539A0C-B20B-49E7-B5BF-363AF86D6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79DACAE1-41B7-4DAB-8414-7DEF7E2A5469}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
FirewallRules: [{0F325A8E-1DC9-420C-9E88-9AA4FBF968E7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{555D19B8-199D-403B-842C-A1AA658779FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{25477EC7-CA0E-4727-8E8B-D2C172A0E6F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{A0E4B23F-E218-4564-81CE-1E3605F14CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{30AF35B5-0AC1-4E18-951B-BEA2DDF20599}] => (Allow) LPort=2869
FirewallRules: [{8379E442-DD20-4D0C-BE8D-DDFFFB33FD1C}] => (Allow) LPort=1900
FirewallRules: [{5C341CDB-BC63-4625-8FA9-2A1B840ABE90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{625811B6-EE19-462D-9CB4-51366EB7D4CF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [TCP Query User{55DF7898-883A-42E5-B664-E0441BCC71BB}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [UDP Query User{40A0BD19-8C45-4E9F-8212-72749E8A19F8}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [TCP Query User{6AF7D5CD-BD20-4972-B556-F20262FD8252}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{F155DFBD-C08F-40B0-BAEA-E9E3351486C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{2641C3BE-3734-47EB-AEC2-48F656FC372B}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [UDP Query User{10E0D422-CE56-4717-9695-2CAEDAE5DB8E}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [TCP Query User{53843B4E-A846-44E1-9329-A151960DE920}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{647C6AEF-8AA9-4402-B048-D204C827FA2C}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [{E005A339-601F-4DD9-8A5C-78CCEDC3271A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{CB11E425-466B-4CAF-AAF0-DBECCF0F516B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EA257FD9-3346-445D-B1C8-25762CE4B11D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{00432F27-7E28-4EF5-BD69-CCD91B13CDB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{29DE1495-419E-48B6-94A9-C9CAEDE9069F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AD788316-0F0A-438E-93BB-CC52310DDF1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{695A40C3-4767-43F5-92B7-CAC69182A32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{D5B94C70-5B75-4AB4-981A-1693174FD208}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{78F96B74-BCF8-46D3-A38D-7B70BB912D8E}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{12F59E3A-0A20-44F7-A50D-582A5A980405}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [{ED310E81-1993-4BB9-AE0E-6B2FF9B77BB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{4B4292D7-872C-41A9-997F-BA717C835CE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
17-01-2019 17:15:08 Scheduled Checkpoint
28-01-2019 11:37:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2019 11:08:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 10:25:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Dell)
Description: httphttp-2147467263
Error: (01/30/2019 10:07:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 09:06:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 08:05:04 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 07:04:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 06:03:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 05:02:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (01/30/2019 11:27:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:26:07 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby iocbios2 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Customer Connect sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restart the service.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 31%
Total physical RAM: 7908.96 MB
Available physical RAM: 5393.48 MB
Total Virtual: 9188.96 MB
Available Virtual: 6727.28 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:292.15 GB) (Free:38.89 GB) NTFS
Drive e: () (Fixed) (Total:625.02 GB) (Free:172.82 GB) NTFS
\\?\Volume{6b723fca-7ca8-4185-ba39-f9d013817b69}\ (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
\\?\Volume{2f637da8-09f6-42d6-a98e-e9e430c56898}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{e5350e30-3191-4427-b802-595da6d434e7}\ (PBR Image) (Fixed) (Total:12.39 GB) (Free:0.71 GB) NTFS
\\?\Volume{d4b43b03-c251-4358-8377-de09233073c3}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E884AF)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by PC (administrator) on DELL (30-01-2019 12:15:41)
Running from C:\Users\PC\Downloads\FRST
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Language: Angličtina (USA)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [410608 2017-02-24] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4148664 2013-10-07] (ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126712 2018-10-18] (Intel)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\Run: [DellSystemDetect] => C:\Users\PC\AppData\Local\Apps\2.0\AXP02MEK.TEW\LP903LAY.HQX\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-03-03] (Dell)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.81\Installer\chrmstp.exe [2019-01-30] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-29] (Qualcomm®Atheros®)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2018-05-26]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-12-30]
ShortcutTarget: Twitch.lnk -> C:\Users\PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 195.28.64.99 195.80.171.4
Tcpip\..\Interfaces\{67833ea8-559b-4b16-bdbf-916e387312d8}: [DhcpNameServer] 195.28.64.99 195.80.171.4
Internet Explorer:
==================
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-01-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-01-15] (Microsoft Corporation)
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 [2019-01-28]
FF Homepage: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> hxxps://www.google.sk/
FF NewTabOverride: Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244 -> Enabled: pavel.sherbakov@gmail.com
FF Extension: (New Tab Page) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\pavel.sherbakov@gmail.com.xpi [2019-01-21]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-09-06] [Legacy]
FF Extension: (Speed Dial) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\qf7f26u1.default-1436293988244\Extensions\{6c3bd1f7-54d6-400f-b074-03b70bab4d71}.xpi [2017-12-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2015-07-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWA64Plugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-59747867-2715415877-556145779-1001: LWAPlugin15.8 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentácie) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-14]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-14]
CHR Extension: (Tabuľky) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-15]
CHR Extension: (Speed Dial 2) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-04-22]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-22]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-30]
CHR HKLM-x32\...\Chrome\Extension: [cncgohepihcekklokhbhiblhfcmipbdh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehngeifmelphpllncobkmimphfkckne] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mdeldjolamfbcgnndjmjjiinnhbnbnla] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atiesrxx.exe [508512 2018-12-19] (AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [42048 2013-10-07] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1025584 2013-10-07] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [191368 2013-10-07] (ESET)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382448 2017-02-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-29] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265640 2018-09-26] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmdag.sys [52749408 2018-12-19] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0337288.inf_amd64_3c3211f00f323cb5\B337205\atikmpag.sys [590432 2018-12-19] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [103712 2018-10-18] (Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219184 2013-10-25] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [185224 2013-09-09] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2013-09-09] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [147096 2013-09-09] (ESET)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2017-01-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-03-05] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [53880 2018-09-26] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 11:19 - 2019-01-30 11:21 - 000000000 ____D C:\AdwCleaner
2019-01-30 11:17 - 2019-01-30 11:18 - 007320272 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.6.0.exe
2019-01-30 11:04 - 2019-01-30 12:15 - 000000000 ____D C:\Users\PC\Downloads\FRST
2019-01-30 10:29 - 2019-01-30 12:15 - 000000000 ____D C:\FRST
2019-01-28 12:38 - 2019-01-28 12:39 - 000144960 _____ C:\WINDOWS\ntbtlog.txt
2019-01-28 12:38 - 2019-01-28 12:38 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-01-28 11:26 - 2019-01-30 11:23 - 000003084 _____ C:\WINDOWS\System32\Tasks\AMDLinkUpdate
2019-01-25 15:40 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-01-25 15:40 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-01-25 15:39 - 2019-01-25 15:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2019-01-25 15:24 - 2019-01-25 15:24 - 000001818 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-01-25 15:24 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iPod
2019-01-25 15:22 - 2019-01-25 15:24 - 000000000 ____D C:\Program Files\iTunes
2019-01-25 15:22 - 2019-01-25 15:23 - 029278224 _____ (Intel Corporation) C:\Users\PC\Downloads\XTUSetup.exe
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2019-01-23 15:16 - 2019-01-23 15:34 - 000000000 ____D C:\Users\PC\Desktop\USB ADATA - kopia
2019-01-20 22:01 - 2019-01-20 22:01 - 000000570 _____ C:\Users\PC\Desktop\tulipány - Béreš.BPR
2019-01-18 20:11 - 2019-01-18 20:11 - 012243172 _____ C:\Users\PC\Desktop\Stromy 2019.pdf
2019-01-09 15:09 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 15:09 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 15:09 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 15:09 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 15:09 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 15:09 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 15:09 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 15:09 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 15:09 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 15:09 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 15:09 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 15:09 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 15:09 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 15:09 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 15:09 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 15:09 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 15:09 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 15:09 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 15:09 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 15:09 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 15:09 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 15:09 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 15:08 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 15:08 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 15:08 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 15:08 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 15:08 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 15:08 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 15:08 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 15:08 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 15:08 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 15:08 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 15:08 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 15:08 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 15:08 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 15:08 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 15:08 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 15:08 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 15:08 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 15:08 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 15:08 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 15:08 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 15:08 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 15:08 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-04 20:56 - 1995-01-01 01:00 - 000000044 _____ C:\Users\PC\Desktop\Track01.cda
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-01-30 12:13 - 2018-06-01 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 11:31 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 11:23 - 2018-10-18 18:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-30 11:23 - 2018-06-01 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 11:23 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 11:23 - 2015-11-29 08:22 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2019-01-30 11:22 - 2018-10-18 19:44 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-30 11:22 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 10:08 - 2018-06-01 09:47 - 000004134 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EE1F8749-5733-4956-A39E-BC754026FB52}
2019-01-30 00:25 - 2015-03-22 09:09 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-01-29 22:58 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-29 16:32 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-29 14:28 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-29 14:27 - 2018-07-10 17:37 - 000000000 ____D C:\ProgramData\Packages
2019-01-28 12:24 - 2018-06-01 09:47 - 000003344 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-59747867-2715415877-556145779-1001
2019-01-28 12:24 - 2018-06-01 09:10 - 000002356 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-28 12:24 - 2015-03-04 00:20 - 000000000 ___RD C:\Users\PC\OneDrive
2019-01-28 12:04 - 2016-11-20 12:33 - 000000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2019-01-25 15:53 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-25 15:53 - 2015-03-03 20:03 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-25 15:53 - 2015-03-03 01:40 - 000000000 ____D C:\Program Files (x86)\Intel
2019-01-25 15:53 - 2013-10-15 19:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2019-01-25 15:47 - 2013-10-15 19:48 - 000000000 ____D C:\ProgramData\Intel
2019-01-25 15:41 - 2018-12-30 17:13 - 000000000 ____D C:\Users\PC\AppData\Roaming\Twitch
2019-01-25 15:39 - 2013-10-15 20:10 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2019-01-25 15:26 - 2016-11-19 23:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-01-25 15:26 - 2015-03-15 18:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-25 15:19 - 2017-12-20 22:51 - 000000000 ___HD C:\Users\PC\MicrosoftEdgeBackups
2019-01-24 16:26 - 2018-06-04 16:26 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2019-01-23 15:16 - 2018-12-08 11:34 - 000000000 ____D C:\Users\PC\Desktop\USB - kopia
2019-01-22 18:13 - 2018-08-14 13:24 - 000000000 ____D C:\BEATA - C
2019-01-22 16:17 - 2017-03-14 17:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2019-01-22 16:13 - 2017-03-14 17:54 - 000001137 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-01-22 15:59 - 2015-03-15 17:52 - 000000712 _____ C:\Users\PC\Desktop\BEATA.lnk
2019-01-20 22:17 - 2017-12-20 22:10 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2019-01-19 15:23 - 2018-10-18 18:17 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2019-01-18 19:39 - 2018-11-17 12:33 - 000000000 ____D C:\Program Files\rempl
2019-01-17 21:35 - 2017-10-22 16:14 - 000000000 ____D C:\Users\PC\AppData\Local\Battle.net
2019-01-16 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-15 20:09 - 2015-03-04 00:14 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-01-13 15:25 - 2016-09-06 15:37 - 000001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 22:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 15:43 - 2015-03-02 21:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 15:33 - 2015-03-02 21:11 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 13:05 - 2018-06-01 09:47 - 000004560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 13:04 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-06 09:34 - 2015-11-11 13:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:41 - 2018-11-15 10:27 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-11-15 10:27 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-01 10:50 - 2015-03-25 12:06 - 000001514 _____ C:\Users\PC\Desktop\Lazarus.lnk
==================== Files in the root of some directories =======
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-17 13:48 - 2017-07-17 13:48 - 000000218 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2019-01-25 15:02 - 2019-01-25 15:02 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-01 09:02
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by PC (30-01-2019 12:16:41)
Running from C:\Users\PC\Downloads\FRST
Windows 10 Home Version 1803 17134.523 (X64) (2018-06-01 08:48:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-59747867-2715415877-556145779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-59747867-2715415877-556145779-503 - Limited - Disabled)
Guest (S-1-5-21-59747867-2715415877-556145779-501 - Limited - Disabled)
PC (S-1-5-21-59747867-2715415877-556145779-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-59747867-2715415877-556145779-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{B753FD71-4EB8-4842-9016-B1B97ACBDC79}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{E43C1D03-D1BF-4DF9-A6F3-E483EA8B01CA}) (Version: 3.6.0.4 - Intel) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.12.3 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{98CB551E-EDB1-4535-82A6-E3258597F64E}) (Version: 2.7.1000.0 - Dell Products, LP)
Dell System Detect (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.70 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{6DE68941-66DE-48DE-9C80-FE60C9DE0AD4}) (Version: 4.0.1.5857 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{1dbe752f-b00e-4567-9276-141812b20d28}) (Version: 4.0.1.5857 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
ESET Endpoint Antivirus (HKLM\...\{5E61428E-4390-4D59-95C3-CA10DF482083}) (Version: 5.0.2225.1 - ESET, spol s r. o.)
GIMP 2.10.6 (HKLM\...\GIMP-2_is1) (Version: 2.10.6 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{BF354C72-AC4C-4A87-8D42-B089862BAE58}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.81 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HashCalc 2.02 (HKLM-x32\...\HashCalc_is1) (Version: - SlavaSoft Inc.)
HotPotatoes v 6.3.0.5 (HKLM-x32\...\hotpot_is1) (Version: - HalfBaked)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{12C50688-5919-4A7A-8784-B26A7238FCEE}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{400E7885-8851-43F1-849C-5A720CB4F001}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e5a12991-d0a9-4922-a125-fce431f55219}) (Version: 3.6.0.4 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{CB6A0A57-6479-4017-B4B2-3BB85EC79CEB}) (Version: 12.9.3.3 - Apple Inc.)
JetBrains PyCharm Edu 2018.2 (HKLM-x32\...\PyCharm Edu 2018.2) (Version: 182.3684.126 - JetBrains s.r.o.)
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Lazarus 1.2.4 (HKLM\...\lazarus_is1) (Version: 1.2.4 - Lazarus Team)
Microsoft Lync Web App Plug-in (HKLM-x32\...\{51CF81C5-8540-44BB-8ABB-F8F4C0F2B971}) (Version: 15.8.20018.735 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.5101.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30640.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 64.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 64.0.2 (x64 sk)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.2.6947 - Mozilla)
mtPaint 3.40 (HKLM-x32\...\mtPaint_is1) (Version: - Dmitry Groshev)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.3.6261.27 - PC-Doctor, Inc.)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5101.1002 - Microsoft Corporation) Hidden
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{641E7514-9647-105C-757D-A8F2C172D3BF}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{873CCF4A-6FC2-69A5-9AD4-FD37D7FCE6B9}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{A85474B2-30B3-2757-1958-4483E958BE9E}) (Version: 1.00.1. - AMD) Hidden
Python 3.7.0 (32-bit) (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{ece37911-ffeb-4f29-95d6-abcf555d7364}) (Version: 3.7.150.0 - Python Software Foundation)
Python 3.7.0 Add to Path (32-bit) (HKLM-x32\...\{1960E5AE-BA13-4FA1-B0CE-55B9F0291903}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Core Interpreter (32-bit) (HKLM-x32\...\{13BB06D9-FD38-47E5-946E-C2606C554030}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Development Libraries (32-bit) (HKLM-x32\...\{B424BE74-3C96-4974-8754-9D6442286112}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Documentation (32-bit) (HKLM-x32\...\{ABEE159E-FE5B-4E58-BDD7-1DED2F10AAEB}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Executables (32-bit) (HKLM-x32\...\{4642A126-F999-4407-801B-C1C89BDA58C5}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 pip Bootstrap (32-bit) (HKLM-x32\...\{69CFC76B-3434-4919-8885-BA7960725137}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Standard Library (32-bit) (HKLM-x32\...\{09160A5D-8B99-4A89-9E9D-8A6D8E9C7EC1}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{8A09EA6B-C86C-4ECA-8742-C4C1BCA96845}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Test Suite (32-bit) (HKLM-x32\...\{717DB3B4-C457-447B-A8A6-6921A4D917EF}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python 3.7.0 Utility Scripts (32-bit) (HKLM-x32\...\{FC756D1E-1252-406E-8414-E11FAF97F3C7}) (Version: 3.7.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{D6BDDB48-938A-4384-A7BE-2B4E4931B111}) (Version: 3.7.6386.0 - Python Software Foundation)
QNAP Qfinder Pro (HKLM-x32\...\QNAP_FINDER) (Version: 5.2.1.1224 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
SGP Baltie 3.0.71.76 (HKLM-x32\...\SGP Baltík 3_is1) (Version: - SGP Systems, s.r.o.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SmartPSS 2.02.0 (HKLM-x32\...\SmartPSS) (Version: 2.02.0 - )
Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Twitch (HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{93FDC294-0726-48EA-989D-50E89C67ABF0}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{1210EE60-E253-407D-B537-D36898049CF0}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{A8B77523-13AB-46B9-B54F-5483E09668F9}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zoner Callisto 4 (HKLM-x32\...\{B530C7EE-9C40-11D4-8583-004F4E03F091}) (Version: 4.0.2481.4 - ZONER software)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_SK_is1) (Version: 5.0.5000.16 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-59747867-2715415877-556145779-1001_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\PC\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\GatewayActiveX-x64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-12-10] (Cyberlink)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers2-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-24] (Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2013-10-07] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [ZONERMenu] -> {7B793D34-DB64-11D0-8720-0020AF158EA5} => C:\Program Files (x86)\Zoner\Callisto 4\Program\fshex40.dll [2002-09-27] (ZONER software, Ltd.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B5B7A-4040-4483-9FD7-C501A8927D0D} - \WPD\SqmUpload_S-1-5-21-59747867-2715415877-556145779-1001 -> No File <==== ATTENTION
Task: {0A248988-EE4A-462B-BEB9-786643EB0E74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {15171291-5481-436B-856E-9FDF9AF434FE} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {16A631EC-28BF-480B-98DE-7657E4EA12B3} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfe33ea0c353 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {257509FF-56DE-4324-8265-6D745722E188} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D1B2A95-2342-4523-95A3-26A0B1D3A0A7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F084624-C729-47D4-8F37-3D3B3087FDBE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {632E2C08-0CB4-4533-AA1A-8189DFF5A5BB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {643F42B2-A5E3-44EE-B138-E829F2030A65} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {67F59649-F451-4E59-87C1-4ED03E532B44} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {68EAFE63-EB1D-4A82-9808-DF0559991F30} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2019-01-09] (Microsoft Corporation)
Task: {6A60A4A7-A4E9-414F-AEDF-9FB1418EC8FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A95F88C-CA9B-4F85-87B8-37DE6F58A58E} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {6BF7B3DB-FAF7-4FB6-A31A-D5593D04B7C1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6EB89210-975E-479F-AFDD-670F92745001} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2018-09-26] (Synaptics Incorporated)
Task: {6FAAA82B-EF0C-426F-88A4-4D9F47E2D154} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {72D53C99-B624-4080-8E8B-51C578D70504} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {76E88FE8-A3E9-443F-BFE8-926E12AE239C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {7D54384B-31F5-433F-AB3C-61E1929F3CD9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {7E0D1DF3-E0EC-4216-AE82-67395F72C267} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {856029CE-CADD-4BB2-A50D-0F1D1DAFD47E} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {8719B7B5-7270-4FB6-BF20-AC7B622F55A4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-08] (Adobe Systems Incorporated)
Task: {8F6F39A1-7DF2-4CDA-A43B-965FA8D03BBF} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-12-24] ()
Task: {90781BD0-A542-48DF-B302-4DC88A4BED01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {9571EB9E-873A-4CA8-8F13-9F5C50EE18EA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A2AA3A37-A9F7-457E-8C10-BE5DB2B9F35B} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {AB86CAD1-D6C3-48E6-BC18-C154603290FA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BDB52989-2FF5-4F91-9239-77D56D932AD0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C409CBDD-0AEC-4E57-ABD4-37CFC15BF4E6} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [2018-12-18] (Advanced Micro Devices, Inc.)
Task: {CA8BAA96-578B-434F-BB64-C31224F8CE1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CDD1E507-1B7A-416A-B71B-8DEDB3BE23EB} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {D362FFBB-0FA6-4800-9037-1B2412C1B467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {D84A4084-B9DE-40F6-A0A3-796DFD7C3C62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {D9822DCF-6D0E-44FB-A37D-CB5E3A9043DC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
Task: {E0781ED3-218B-403C-A4DA-9320D568C666} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {E7FFB253-D9B5-4640-83A6-3148A8D68C63} - System32\Tasks\{D374413C-15A6-4E2E-8F0F-96A509F2FDD6} => C:\WINDOWS\system32\pcalua.exe -a D:\start.exe -d D:\ -c zca4net.ctx
Task: {E94218FD-918A-4BAE-BF5A-59F6F76E14B0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EFC41E06-BD68-48F4-93BA-FE6C6AA3246D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {F4DC831D-B6F5-4DAF-91FB-46314B109C00} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f3cfa88d44e2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PC\Desktop\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
==================== Loaded Modules (Whitelisted) ==============
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2015-03-04 00:14 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-10-15 20:05 - 2012-04-25 03:43 - 000254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2018-03-16 14:19 - 2018-03-16 14:19 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2019-01-15 01:27 - 2019-01-15 01:27 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2016-03-18 19:41 - 2015-12-24 05:29 - 001739952 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2017-02-24 19:07 - 2017-02-24 19:07 - 000410608 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-11 20:34 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 15:09 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-23 18:10 - 2019-01-23 18:11 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-04 20:19 - 2018-10-04 20:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-23 18:10 - 2019-01-23 18:10 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-07 10:05 - 2018-11-07 10:06 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-07 10:05 - 2018-11-07 10:05 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2019-01-25 14:39 - 2019-01-25 14:39 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-25 14:39 - 2019-01-25 14:39 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-25 14:39 - 2019-01-25 14:39 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-17 16:43 - 2019-01-17 16:43 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-02 16:58 - 2017-12-02 16:58 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 15:43 - 2018-11-29 15:43 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-17 16:43 - 2019-01-17 16:43 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2013-10-15 20:03 - 2012-06-08 04:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 10:24 - 2016-12-21 10:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2013-08-07 22:27 - 2013-08-07 22:27 - 000110088 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2018-03-27 12:41 - 2018-03-27 12:41 - 000134616 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2013-10-15 19:48 - 2013-06-01 13:31 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\dell.com -> dell.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-59747867-2715415877-556145779-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 195.28.64.99 - 195.80.171.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Odoslanie do programu OneNote.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\StartupApproved\Run: => "DellSystemDetect"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{47D6AC27-7388-4A14-ACB3-F807EF8E9578}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
FirewallRules: [UDP Query User{44C0892B-2AA4-4853-9471-5061AE5214C3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [TCP Query User{1D92281C-E484-40E4-BB82-0F7369F4D121}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe ()
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [{DCDD8281-8ED8-4727-81EF-932339B8DA94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DF0E5290-F93D-4F47-8293-80BB0C010BC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{3C539A0C-B20B-49E7-B5BF-363AF86D6BF9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{79DACAE1-41B7-4DAB-8414-7DEF7E2A5469}] => (Allow) C:\Users\PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
FirewallRules: [{0F325A8E-1DC9-420C-9E88-9AA4FBF968E7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{555D19B8-199D-403B-842C-A1AA658779FB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{25477EC7-CA0E-4727-8E8B-D2C172A0E6F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{A0E4B23F-E218-4564-81CE-1E3605F14CBB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
FirewallRules: [{30AF35B5-0AC1-4E18-951B-BEA2DDF20599}] => (Allow) LPort=2869
FirewallRules: [{8379E442-DD20-4D0C-BE8D-DDFFFB33FD1C}] => (Allow) LPort=1900
FirewallRules: [{5C341CDB-BC63-4625-8FA9-2A1B840ABE90}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{625811B6-EE19-462D-9CB4-51366EB7D4CF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [TCP Query User{55DF7898-883A-42E5-B664-E0441BCC71BB}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [UDP Query User{40A0BD19-8C45-4E9F-8212-72749E8A19F8}C:\program files (x86)\qnap\qfinder\qfinderpro.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinderpro.exe ()
FirewallRules: [TCP Query User{6AF7D5CD-BD20-4972-B556-F20262FD8252}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [UDP Query User{F155DFBD-C08F-40B0-BAEA-E9E3351486C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{2641C3BE-3734-47EB-AEC2-48F656FC372B}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [UDP Query User{10E0D422-CE56-4717-9695-2CAEDAE5DB8E}C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\mysql\bin\mysqld_usbwv8.exe ()
FirewallRules: [TCP Query User{53843B4E-A846-44E1-9329-A151960DE920}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [UDP Query User{647C6AEF-8AA9-4402-B048-D204C827FA2C}C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe] => (Allow) C:\users\pc\desktop\usbwebserver v8.6\apache2\bin\httpd_usbwv8.exe (Apache Software Foundation)
FirewallRules: [{E005A339-601F-4DD9-8A5C-78CCEDC3271A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{CB11E425-466B-4CAF-AAF0-DBECCF0F516B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{EA257FD9-3346-445D-B1C8-25762CE4B11D}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{00432F27-7E28-4EF5-BD69-CCD91B13CDB1}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{29DE1495-419E-48B6-94A9-C9CAEDE9069F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{AD788316-0F0A-438E-93BB-CC52310DDF1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{695A40C3-4767-43F5-92B7-CAC69182A32D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{D5B94C70-5B75-4AB4-981A-1693174FD208}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [TCP Query User{78F96B74-BCF8-46D3-A38D-7B70BB912D8E}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [UDP Query User{12F59E3A-0A20-44F7-A50D-582A5A980405}C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Block) C:\program files (x86)\martin\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment)
FirewallRules: [{ED310E81-1993-4BB9-AE0E-6B2FF9B77BB6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
FirewallRules: [{4B4292D7-872C-41A9-997F-BA717C835CE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
==================== Restore Points =========================
17-01-2019 17:15:08 Scheduled Checkpoint
28-01-2019 11:37:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/30/2019 11:08:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 10:25:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Dell)
Description: httphttp-2147467263
Error: (01/30/2019 10:07:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 09:06:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 08:05:04 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 07:04:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 06:03:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
Error: (01/30/2019 05:02:00 AM) (Source: ESENT) (EventID: 474) (User: )
Description: svchost (4056,D,23) SRUJet: The database page read from the file "C:\WINDOWS\system32\SRU\SRUDB.dat" at offset 13312000 (0x0000000000cb2000) (database page 3249 (0xCB1)) for 4096 (0x00001000) bytes failed verification due to a page checksum mismatch. The stored checksum was [756e0a91af9bd1e3] and the computed checksum was [756e0a91af9bd1c3]. The read operation will fail with error -1018 (0xfffffc06). If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.
System errors:
=============
Error: (01/30/2019 11:27:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:26:07 AM) (Source: DCOM) (EventID: 10016) (User: Dell)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user Dell\PC SID (S-1-5-21-59747867-2715415877-556145779-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/30/2019 11:23:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby iocbios2 zlyhalo kvôli nasledujúcej chybe:
The system cannot find the path specified.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Customer Connect sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dell Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (01/30/2019 11:21:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Restart the service.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 31%
Total physical RAM: 7908.96 MB
Available physical RAM: 5393.48 MB
Total Virtual: 9188.96 MB
Available Virtual: 6727.28 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:292.15 GB) (Free:38.89 GB) NTFS
Drive e: () (Fixed) (Total:625.02 GB) (Free:172.82 GB) NTFS
\\?\Volume{6b723fca-7ca8-4185-ba39-f9d013817b69}\ (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS
\\?\Volume{2f637da8-09f6-42d6-a98e-e9e430c56898}\ () (Fixed) (Total:0.82 GB) (Free:0.34 GB) NTFS
\\?\Volume{e5350e30-3191-4427-b802-595da6d434e7}\ (PBR Image) (Fixed) (Total:12.39 GB) (Free:0.71 GB) NTFS
\\?\Volume{d4b43b03-c251-4358-8377-de09233073c3}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 37E884AF)
Partition: GPT.
==================== End of Addition.txt ============================
Re: Spomalený NB, prosím o kontrolu logov
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Kód: Vybrat vše
CloseProcesses:
C:\WINDOWS\System32\drivers\HipShieldK.sys
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
C:\WINDOWS\system32\DRIVERS\mfencrk.sys
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from= ... arch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30]
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
2019-01-30 11:23 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Spomalený NB, prosím o kontrolu logov
Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by PC (30-01-2019 12:49:24) Run:1
Running from C:\Users\PC\Downloads\FRST
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
C:\WINDOWS\System32\drivers\HipShieldK.sys
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
C:\WINDOWS\system32\DRIVERS\mfencrk.sys
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from= ... arch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30]
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
2019-01-30 11:23 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
*****************
Processes closed successfully.
C:\WINDOWS\System32\drivers\HipShieldK.sys => moved successfully
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys => moved successfully
C:\WINDOWS\system32\DRIVERS\mfencrk.sys => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea22ecce-cb30-11e4-be7f-8056f264031e} => removed successfully
HKLM\Software\Classes\CLSID\{ea22ecce-cb30-11e4-be7f-8056f264031e} => not found
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\06510FF3985DC1CDFA0601F1A5C44831 => removed successfully
HKLM\Software\Classes\CLSID\06510FF3985DC1CDFA0601F1A5C44831 => not found
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} => removed successfully
HKLM\Software\Classes\CLSID\{3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => removed successfully
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => not found
"HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6}" => removed successfully
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
"Chrome HomePage" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30] => Error: No automatic fix found for this entry.
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30] => Error: No automatic fix found for this entry.
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\HipShieldK => removed successfully
HipShieldK => service removed successfully
HKLM\System\CurrentControlSet\Services\mfencbdc => removed successfully
mfencbdc => service removed successfully
HKLM\System\CurrentControlSet\Services\mfencrk => removed successfully
mfencrk => service removed successfully
HKLM\System\CurrentControlSet\Services\iocbios2 => removed successfully
iocbios2 => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\Common Files\keyhelp.ocx => moved successfully
C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => moved successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30102924-5B07-4F35-B38A-88A55A3DF3CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21A9E341-1AD0-4730-B24B-AB0BC29B571B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
The system needed a reboot.
==== End of Fixlog 12:49:39 ====
Ran by PC (30-01-2019 12:49:24) Run:1
Running from C:\Users\PC\Downloads\FRST
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
C:\WINDOWS\System32\drivers\HipShieldK.sys
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
C:\WINDOWS\system32\DRIVERS\mfencrk.sys
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-59747867-2715415877-556145779-1001\...\MountPoints2: {ea22ecce-cb30-11e4-be7f-8056f264031e} - "F:\autohtml.exe"
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> 06510FF3985DC1CDFA0601F1A5C44831 URL =
SearchScopes: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> {3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} URL = hxxp://yandex.com/yandsearch?win=184&clid=1989596&text={searchTerms}
BHO: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
BHO-x32: No Name -> {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} -> No File
Toolbar: HKU\S-1-5-21-59747867-2715415877-556145779-1001 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
CHR HomePage: Default -> yandex.ru
CHR NewTab: Default -> Active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from= ... arch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30]
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30]
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30]
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
S2 iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [X]
2019-01-30 11:23 - 2017-07-12 22:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-03 17:44 - 2003-03-21 11:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx
2017-04-23 18:26 - 2017-04-23 18:27 - 000004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{30102924-5B07-4F35-B38A-88A55A3DF3CB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [{21A9E341-1AD0-4730-B24B-AB0BC29B571B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
FirewallRules: [UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.1040\agent.exe No File
FirewallRules: [TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
FirewallRules: [UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe] => (Allow) C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe No File
*****************
Processes closed successfully.
C:\WINDOWS\System32\drivers\HipShieldK.sys => moved successfully
C:\WINDOWS\system32\DRIVERS\mfencbdc.sys => moved successfully
C:\WINDOWS\system32\DRIVERS\mfencrk.sys => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate" => removed successfully
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ea22ecce-cb30-11e4-be7f-8056f264031e} => removed successfully
HKLM\Software\Classes\CLSID\{ea22ecce-cb30-11e4-be7f-8056f264031e} => not found
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\06510FF3985DC1CDFA0601F1A5C44831 => removed successfully
HKLM\Software\Classes\CLSID\06510FF3985DC1CDFA0601F1A5C44831 => not found
HKU\S-1-5-21-59747867-2715415877-556145779-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} => removed successfully
HKLM\Software\Classes\CLSID\{3A0CCF5E-31E3-45A9-A90D-0F7578B74B72} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => removed successfully
HKLM\Software\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5} => not found
"HKU\S-1-5-21-59747867-2715415877-556145779-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6}" => removed successfully
HKLM\Software\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => removed successfully
"Chrome HomePage" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cncgohepihcekklokhbhiblhfcmipbdh [2019-01-30] => Error: No automatic fix found for this entry.
CHR Extension: (Стартовая — Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehngeifmelphpllncobkmimphfkckne [2019-01-30] => Error: No automatic fix found for this entry.
CHR Extension: (Яндекс) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeldjolamfbcgnndjmjjiinnhbnbnla [2019-01-30] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\HipShieldK => removed successfully
HipShieldK => service removed successfully
HKLM\System\CurrentControlSet\Services\mfencbdc => removed successfully
mfencbdc => service removed successfully
HKLM\System\CurrentControlSet\Services\mfencrk => removed successfully
mfencrk => service removed successfully
HKLM\System\CurrentControlSet\Services\iocbios2 => removed successfully
iocbios2 => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\Common Files\keyhelp.ocx => moved successfully
C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e3481821f8d1.job => moved successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{30102924-5B07-4F35-B38A-88A55A3DF3CB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B82D7B9B-5C5D-4015-AA3B-15FD2522B401}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52C3E1C5-4496-4259-A5CE-E9654E0D25E9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21A9E341-1AD0-4730-B24B-AB0BC29B571B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{24D1BB75-0CB7-47A5-8713-3B40697D7CE7}C:\programdata\battle.net\agent\agent.1040\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D2BFE56A-3216-4465-AB6A-48FDE2C483D7}C:\programdata\battle.net\agent\agent.1040\agent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EC665A8C-9788-40EC-971F-F8133C4A7B7B}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E1D0964-37E4-4BB9-B0B3-F0941F846968}C:\program files (x86)\martin\world of warcraft\utils\wowvoiceproxy.exe" => removed successfully
The system needed a reboot.
==== End of Fixlog 12:49:39 ====
Re: Spomalený NB, prosím o kontrolu logov
Ako je na tom pocitac?
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Spomalený NB, prosím o kontrolu logov
Vyzerá to že si spomenul na mladé časy a funguje podstatne živšie.
Ďakujem a prajem príjemný deň.
Ďakujem a prajem príjemný deň.
Re: Spomalený NB, prosím o kontrolu logov
Neni zac. Majte sa aj vy pekne.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky