Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomaleny notebook

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

zpomaleny notebook

#1 Příspěvek od cica18 »

moc diky za kontrolu....nez se mi otevre okno opery po startu notebooku ubehne tak 15 min!

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-04-2019 01
Ran by Marketa (administrator) on MIŠKA_PC (Acer Extensa 5235) (22-04-2019 08:57:29)
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa & (Available Profiles: Marketa)
Platform: Microsoft Windows 10 Pro Version 1803 17134.706 (X86) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() [File not signed] C:\Windows\AutoKMS\AutoKMS.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Acronis International GmbH -> Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Acronis International GmbH -> Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Acronis International GmbH -> ) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
(Acronis International GmbH -> ) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\launcher.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7211112 2015-11-26] (Acronis International GmbH -> )
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [531808 2015-11-26] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [170128 2019-04-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261944 2018-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify Web Helper] => C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify] => C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [794112 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [Spotify Web Helper] => C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [Spotify] => C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [794112 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\...\AppCompatFlags\InstalledSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb [2018-01-31]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-05-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-07-06]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F5EF1A-2245-4E44-9101-E2D82EF97B81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {05F97EC3-2F24-43D2-847C-A7346E58CA71} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A2B15C6-25E0-451E-8E91-2AF750023A74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {16772258-5184-40CE-9C5E-118D909E7520} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16AACE3D-5BC4-41D1-9007-51876847D292} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {267F02CE-9294-49AA-BEA1-35E8EF4E372A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A08913C-1590-4C55-8F82-A6258FAA61F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2B33E69D-832A-4935-8A81-C1FA49C27F19} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {365DBAF7-B039-4F85-98E6-75B63B23A0A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3B34F186-629D-41FB-B5E2-CC5AD3308AA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {420099BE-274E-4BDD-84FF-AD4D4F1D1071} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {438A734A-06B0-40E0-AEC2-17B2D7574784} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45BC88B3-DCF6-49BD-8355-B8F203AE97ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {45D65AE4-6633-4D35-8D99-8A347982AA19} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe () [File not signed]
Task: {4C7582D2-603B-4BDF-B1ED-BF65CD6F9A3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {50901034-61A5-42AF-8B45-96FA4C764208} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {53F6286D-FA12-4CD2-9D10-DA0B258B2909} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5E5384CB-45DD-4708-90A2-A5E010CF1540} - System32\Tasks\Opera scheduled Autoupdate 1432823111 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {61B70AF6-8250-46C0-98F8-69D1B68935A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {637E646C-3CE0-4670-9372-A5AC71BF3788} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {649DF120-67E8-4925-B1A5-2BA367C5A76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {672DE8B6-7AA0-4317-9FBF-2578CA92DE37} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {6AE07635-45E1-43B9-9D96-D437262BEDBD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B1BD1F4-A234-41BE-9E2A-D17A62F956BB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6E36D2E3-60F6-4C17-AAF8-810A9D820D67} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {6FCC9221-D567-4596-A885-ADF7A884F285} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76D5E458-C9D8-4817-BD13-4D03A0279CCA} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {7A06E2FD-F298-4738-AD9C-F17C2BC2FF7F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7CFAA576-3376-4083-9699-4FDFBE36E8DF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7DF3DF9B-EBC7-44E0-A382-777569180A0C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7E63A22E-41FC-4633-8001-FB71CC8AA42A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80B1DBBB-EAB4-489C-9603-255E2B602B8A} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> )
Task: {80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {866656F3-2894-4EAC-98F2-EBBAEE3AC8F9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8BE17CE1-1ED7-4EE3-BB86-2EC9B6770E3E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8BEA8825-F93B-43E0-BE8E-D555772D733E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {923893C7-8058-4AF1-B65C-1424082DF12C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {934CAAFB-3BEF-4A1A-90CA-2D4AEBA14468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9DB73F69-C4BE-4B9B-8D70-4DD099A165C9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9EA437A-2CD1-42A9-A68F-8570247BC9E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B6640A37-CB0A-4229-821E-265FAEA8E1B9} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
Task: {C160B9FD-2363-4070-A31A-83D5D712A8AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {C5CC8820-9F6F-41A5-BE27-11DBED0EFBAB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0ED607-C190-477E-BC77-7034F0B40CB7} - System32\Tasks\simplitec Power Suite => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {D529309B-8B7D-45BB-9171-E84836347144} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {E34AC330-BFAA-4CBF-ABDA-747701E56714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E637861D-B821-4E05-A658-31C8164FA036} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F13F0836-2020-424E-8CBE-D2F7668AD649} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F8058EAB-E2C2-4693-B0D5-77EF381CC9F9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1173f753-17d4-4850-a183-65b85c32fd2b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{33d6e746-36c2-49f2-87b8-f41fefa7a894}: [DhcpNameServer] 84.16.104.129 84.16.96.2

Internet Explorer:
==================
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files\PDF Architect 5\creator-ie-helper.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: hp74wju1.default-1524235288261
FF ProfilePath: C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\hp74wju1.default-1524235288261 [2019-04-19]
FF Extension: (No Name) - C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\hp74wju1.default-1524235288261\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-21] (Adobe Systems Incorporated -> )
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default [2019-04-15]
CHR Extension: (Prezentace) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-04-15]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-04-15]
CHR Extension: (YouTube) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Tabulky) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-04-15]
CHR Extension: (Gmail) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-15]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-05-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [950584 2015-11-26] (Acronis International GmbH -> Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [4463960 2016-06-03] (Acronis International GmbH -> Acronis)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1125568 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1887640 2019-04-16] (ESET, spol. s r.o. -> ESET)
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [696320 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 mmsminisrv; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis International GmbH -> Acronis)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2470576 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [982200 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [780984 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3349200 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7637744 2015-11-06] (Acronis International GmbH -> Acronis)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [238176 2017-01-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3624312 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [86408 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [42912 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-05-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-05-06] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [125056 2019-03-13] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [91720 2019-03-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2019-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [147288 2019-03-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43952 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [72480 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [94856 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [128552 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [249184 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Chicony)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [9036288 2012-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x86.sys [102912 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [172280 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [107168 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [64088 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [240440 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94488 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl.sys [18944 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-08-16] (Synaptics Incorporated -> Synaptics Incorporated)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [685400 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [156504 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [398680 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [229720 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 08:57 - 2019-04-22 09:05 - 000033989 _____ C:\Users\Marketa\Desktop\FRST.txt
2019-04-22 08:53 - 2019-04-22 08:57 - 000000000 ____D C:\FRST
2019-04-22 08:47 - 2019-04-22 08:50 - 001793536 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2019-04-21 23:26 - 2019-04-22 08:17 - 000240440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-21 22:34 - 2019-04-22 08:18 - 000064088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-21 22:31 - 2019-04-21 22:31 - 000172280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-21 22:31 - 2019-04-21 22:31 - 000107168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-21 22:31 - 2019-04-21 22:31 - 000094488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-21 18:02 - 2019-04-21 18:02 - 000000000 ____D C:\Users\Marketa\AppData\Local\mbamtray
2019-04-21 18:00 - 2019-02-01 11:20 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-21 17:59 - 2019-04-21 18:08 - 000128552 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-04-21 17:59 - 2019-04-21 17:59 - 000002093 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-21 17:59 - 2019-04-21 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-10 13:47 - 2019-04-02 11:21 - 000078864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 13:47 - 2019-04-02 11:18 - 000636880 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 13:47 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 13:47 - 2019-04-02 07:10 - 000994264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 13:47 - 2019-04-02 07:05 - 000633360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 13:47 - 2019-04-02 07:05 - 000343056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 13:47 - 2019-04-02 07:04 - 006683664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 13:47 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 13:47 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 13:47 - 2019-04-02 06:45 - 002811392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 13:47 - 2019-04-02 06:43 - 001753088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 13:47 - 2019-04-02 06:42 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 13:47 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 13:47 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 13:47 - 2019-03-14 15:56 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 13:47 - 2019-03-14 10:58 - 000289080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 13:47 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 13:47 - 2019-03-14 10:20 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 13:47 - 2019-03-14 10:18 - 001844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 13:47 - 2019-03-14 10:17 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 13:47 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 13:47 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 13:47 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 13:47 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 13:46 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 13:46 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 13:46 - 2019-04-02 07:05 - 002350392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 13:46 - 2019-04-02 07:05 - 002144272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 13:46 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 13:46 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 13:46 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 13:46 - 2019-04-02 06:41 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 13:46 - 2019-04-02 06:40 - 001733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 13:46 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 13:46 - 2019-03-14 15:55 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 13:46 - 2019-03-14 10:57 - 000480264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 13:46 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 13:46 - 2019-03-14 10:37 - 002031112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 13:46 - 2019-03-14 10:37 - 000140832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 13:46 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 13:46 - 2019-03-14 10:21 - 003255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 13:46 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 13:46 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 13:46 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 13:46 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-04-10 13:46 - 2019-03-14 10:18 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 13:46 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 13:46 - 2019-03-14 10:16 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 002415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 13:46 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 13:46 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 13:46 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 13:46 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 13:46 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-04-10 13:46 - 2019-03-14 10:13 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 13:46 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 13:45 - 2019-04-02 11:25 - 001465512 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 13:45 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 13:45 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 000890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 13:45 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 13:45 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 13:45 - 2019-04-02 11:05 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 13:45 - 2019-04-02 11:05 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 13:45 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 13:45 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 13:45 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 13:45 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 13:45 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 13:45 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 13:45 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 001268232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 001118216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000937992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000634376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 13:45 - 2019-03-14 16:12 - 000620552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000577544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000483336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000482312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000368648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000285192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 13:45 - 2019-03-14 16:10 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 13:45 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 13:45 - 2019-03-14 15:55 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 13:45 - 2019-03-14 15:55 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 13:45 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 13:45 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 13:45 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 13:45 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 13:45 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 13:45 - 2019-03-14 10:39 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 13:45 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 13:45 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 13:45 - 2019-03-14 10:37 - 001190704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 13:45 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 13:45 - 2019-03-14 10:37 - 001051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 13:45 - 2019-03-14 10:37 - 000950088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 13:45 - 2019-03-14 10:37 - 000831736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 13:45 - 2019-03-14 10:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 13:45 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 13:45 - 2019-03-14 10:18 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 13:45 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 13:45 - 2019-03-14 10:17 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 13:45 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 13:45 - 2019-03-14 10:17 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 13:45 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 13:45 - 2019-03-14 10:16 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 13:45 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 13:45 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-04-10 13:44 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 13:44 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 13:44 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 13:44 - 2019-03-14 10:14 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 13:44 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxbde40.dll
2019-04-04 10:18 - 2019-04-15 15:43 - 000000000 ____D C:\RQMONEY
2019-04-02 14:31 - 2019-04-02 14:31 - 000000000 ____D C:\Users\Marketa\Documents\VideoPad Projects
2019-04-02 13:27 - 2019-04-02 13:28 - 000000000 ____D C:\Users\Marketa\AppData\Local\FreemakeVideoConverter
2019-04-02 13:25 - 2019-04-21 18:24 - 000000000 ____D C:\ProgramData\Freemake
2019-04-02 13:25 - 2019-04-02 13:28 - 000000000 ____D C:\Users\Marketa\Documents\Freemake
2019-04-02 13:24 - 2019-04-21 18:24 - 000000000 ____D C:\Program Files\Freemake
2019-04-01 10:36 - 2019-04-01 10:36 - 000000761 _____ C:\Users\Marketa\Desktop\Škola UHK – zástupce.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 09:05 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-22 08:26 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-22 08:04 - 2018-07-26 16:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-22 08:04 - 2018-07-26 15:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-22 07:43 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-21 23:07 - 2018-07-26 15:43 - 000000000 ____D C:\Users\Marketa
2019-04-21 23:05 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-21 18:38 - 2016-12-26 10:33 - 000000000 ____D C:\ProgramData\TEMP
2019-04-21 18:23 - 2017-10-21 11:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-21 18:19 - 2018-11-26 18:04 - 000000000 ____D C:\Program Files\HappyFoto DESIGNER
2019-04-21 18:00 - 2018-04-11 22:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-21 12:56 - 2015-05-28 16:25 - 000000000 ____D C:\Program Files\Opera
2019-04-21 09:55 - 2018-08-08 09:29 - 000000000 ____D C:\Users\Marketa\AppData\Local\D3DSCache
2019-04-20 21:32 - 2015-05-28 16:46 - 000000000 ____D C:\Users\Marketa\Documents\Soubory aplikace Outlook
2019-04-20 16:33 - 2018-03-10 10:08 - 000000000 ____D C:\Users\Marketa\AppData\Local\Packages
2019-04-18 20:46 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-17 21:06 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-12 18:54 - 2016-09-25 14:31 - 000000000 ____D C:\Users\Marketa\Desktop\Zdraví
2019-04-12 12:16 - 2017-01-11 22:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 13:06 - 2015-07-08 22:21 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 12:08 - 2016-08-08 10:19 - 000015288 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-04-10 16:53 - 2018-07-26 15:37 - 000496856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-10 14:09 - 2018-04-12 06:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 14:03 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 13:37 - 2015-05-28 16:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-10 13:33 - 2015-05-28 22:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 13:18 - 2015-05-28 22:45 - 128044056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-10 13:10 - 2013-08-22 08:13 - 000000222 _____ C:\WINDOWS\win.ini
2019-04-07 08:11 - 2018-10-05 13:49 - 000000000 ____D C:\Users\Marketa\AppData\Local\CrashDumps
2019-04-05 12:14 - 2018-01-12 17:10 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:46 - 2018-07-26 15:58 - 001693770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-04 17:46 - 2018-04-12 06:53 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-04 17:46 - 2018-04-12 06:53 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-02 14:45 - 2018-11-04 19:46 - 000000000 ____D C:\Users\Marketa\AppData\Roaming\MuseScore
2019-04-02 13:50 - 2018-12-29 16:33 - 000000000 ____D C:\Users\Marketa\AppData\Local\Windows Live
2019-04-02 06:44 - 2015-06-11 16:07 - 000020057 _____ C:\WINDOWS\BRRBCOM.INI
2019-04-01 19:51 - 2018-04-11 22:39 - 000835480 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-04-11 22:39 - 000179608 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-04-01 11:22 - 2016-06-25 13:37 - 000000000 ____D C:\Users\Marketa\Desktop\TianDe

==================== Files in the root of some directories =======

2016-06-29 09:26 - 2018-10-05 13:57 - 000000600 _____ () C:\Users\Marketa\AppData\Roaming\winscp.rnd
2016-09-07 13:22 - 2016-09-07 13:22 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{416F4876-A0C4-47CA-9E65-61D9EDA40702}
2015-10-30 08:04 - 2015-10-30 08:04 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{554CE765-827A-4AD1-A9C0-F4B29CC961DE}
2018-11-10 14:16 - 2018-11-10 14:16 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{5FA94A95-DBCF-404B-B15D-A2160AD9DDA4}
2015-10-19 12:19 - 2015-10-19 12:19 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{927C9663-A771-4DF6-A3E8-BB82CD825E8A}
2016-01-15 13:00 - 2016-01-15 13:00 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{9B458FB3-3FBA-42E8-8080-4AC1C506B711}
2015-10-07 12:38 - 2015-10-07 12:38 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{E6938C34-BFDB-4CCA-AFCA-4799AA530994}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-04-2019 01
Ran by Marketa (22-04-2019 09:08:12)
Running from C:\Users\Marketa\Desktop
Microsoft Windows 10 Pro Version 1803 17134.706 (X86) (2018-07-26 14:13:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2523095765-2521646832-716613247-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2523095765-2521646832-716613247-503 - Limited - Disabled)
Guest (S-1-5-21-2523095765-2521646832-716613247-501 - Limited - Disabled)
Marketa (S-1-5-21-2523095765-2521646832-716613247-1001 - Administrator - Enabled) => C:\Users\Marketa
quhvtjopkl (S-1-5-21-2523095765-2521646832-716613247-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2523095765-2521646832-716613247-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
Acronis True Image 2016 (HKLM\...\{64AB919C-28AA-4260-A147-1A88E53EE978}) (Version: 19.0.6027 - Acronis) Hidden
Acronis True Image 2016 (HKLM\...\{64AB919C-28AA-4260-A147-1A88E53EE978}Visible) (Version: 19.0.6027 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
ANT Drivers Installer x86 (HKLM\...\{E64F69D8-38FE-48B8-95AB-CC676FA636F1}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 6.2.5 (HKLM\...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{BD40DFE8-9908-43A8-93C0-67608DD3D400}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Copy (HKLM\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (HKLM\...\{8AABFB1F-A5A9-48A6-A8EB-C5F819C89037}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Elevated Installer (HKLM\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{43331BEA-C00B-4EF6-8CF3-3957ECA032CB}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
F4500 (HKLM\...\{6326C5A9-0FC0-4FAF-B675-7333FE16DB57}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeFileSync 8.2 (HKLM\...\FreeFileSync_is1) (Version: 8.2 - www.FreeFileSync.org)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{FD126052-310E-4364-937B-6B5564F24578}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{8C0BFEB8-6679-4A88-B4EC-2DF8BEC18CE0}) (Version: 7.1.0.34 - Apple Inc.)
Inkscape 0.91 (HKLM\...\Inkscape) (Version: 0.91 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{6EBB5549-1773-43E1-BB82-E7A14CA5AB6B}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manager (HKLM\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MuseScore 2 (HKLM\...\{7D01160E-D30F-4E88-8872-4A0A0A782E2E}) (Version: 2.3.2 - Werner Schweer and Others)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NetSpot (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\a6e43da6e76c5494) (Version: 1.0.0.334 - Etwok LLC)
NetSpot (HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\a6e43da6e76c5494) (Version: 1.0.0.334 - Etwok LLC)
Network (HKLM\...\{B20B30E2-3071-4A7B-8967-3A4B3932DADF}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
Opera Stable 58.0.3135.127 (HKLM\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 5 Create Module (HKLM\...\{195F60E3-5445-4DDA-8A65-C1A221E1D6FA}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{1EC3144E-90D5-4936-8292-E8C5152ADF77}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{BD9CE601-084F-49A2-9E13-F0BF6AD7FEEB}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Podpora aplikací Apple (32bitová) (HKLM\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Rajče průvodce verze 1.59.54.269 (HKLM\...\rajce.net_is1) (Version: - rajce.net)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SolutionCenter (HKLM\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Spotify (HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Status (HKLM\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
UpdateAssistant (HKLM\...\{DE6D7469-B5F8-473E-AD8E-4C2BF29EECBA}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 6.30 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923_Classes\CLSID\{10fa89b1-dfc1-4cca-b2f3-4b7b6cf1c9b9}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001_Classes\CLSID\{10fa89b1-dfc1-4cca-b2f3-4b7b6cf1c9b9}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> [CC]{00B7B69F-6774-4906-9C7F-7D117A3644A9} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> [CC]{89D984B3-813B-406A-8298-118AFA3A22AE} => -> No File
ContextMenuHandlers1: [VersionsPageShellExt] -> [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-06 00:26 - 2018-11-06 00:26 - 005196288 _____ () [File not signed] C:\WINDOWS\AutoKMS\AutoKMS.exe
2017-12-02 19:30 - 2017-12-02 19:30 - 000097792 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000044032 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-08-18 01:24 - 2011-08-18 01:24 - 000696320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpslpsvc32.dll
2015-10-06 17:13 - 2015-12-02 10:09 - 001486337 _____ (Acronis) [File not signed] C:\Program Files\Common Files\Acronis\Home\libcrypto10.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-21 17:58 - 2019-04-21 18:08 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-10-05 16:03 - 2019-04-21 18:08 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2016-06-03 00:28 - 000000861 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 activation.acronis.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Acronis\VirtualFile\;C:\Program Files\Common Files\Acronis\SnapAPI\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081812673\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813141\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\StartupFolder: => "Odeslat do OneNote.lnk"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\StartupFolder: => "Odeslat do OneNote.lnk"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019081813923\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1BC9C950-EF5B-46E9-9F4F-89DACFF96BDD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E223796-D8B0-4254-82AA-1171B3472EB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{52111039-0A36-4D01-B0B7-36EFD7578C87}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{234FA061-2DED-492F-9FB0-0815CF25A499}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B2D8C3A-5B4F-4F01-A604-3CD90E8F8818}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43BCF6DD-01DC-49DF-A043-F95643A952A3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57DD66DB-E41A-47D3-8045-D59E2AC0AC5E}C:\users\marketa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marketa\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{4388FDBC-CDC3-4F09-BABC-A421325AB135}C:\users\marketa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marketa\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{BBF3D53A-8BF0-462C-8BC8-029CE1AAB263}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{157F580B-BC8E-4E8C-842E-6E38504E7EB0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2D3EAA6D-A87E-46D7-8105-BA418613AAE3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0E5A1C8B-F3C8-4417-BEFE-0BC219D93A45}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3FAF87DC-3C30-4728-9ED7-BFF6A74CF3A3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EEBB5EBF-4DE0-446B-AD51-B0F17F5B3D0F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8C607B98-B8DF-4D39-9BBC-336DFA40C9C0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DE1928BB-1C58-4545-AA09-36C1C10EAC40}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{21E9FCCF-1ED7-4855-86FB-00CE9B447E09}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{24C8971C-C635-4419-BADD-E8DA1EF22304}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{914FF18E-00B1-4747-8554-2AC115A0400F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EB17C0A9-A3E5-44C5-A285-93DB3641CC1B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DBB3CF2D-2424-4E9E-8968-E9D846FFE637}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{AECAAC1D-EAD7-422A-AD39-BDECDD3B5D9D}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{69F4339A-4CD2-4A38-AACF-A257BDEE2E0F}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{52E6D252-2577-4D3F-91BA-193A748B3D77}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1DB9F5C1-B28D-4796-B05A-1B7FD89B6245}] => (Allow) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{0C6B85E7-F3A6-4E5F-8F1A-B0CBE3CDA54F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C2F31B-AA37-45DD-A68E-0FB7376A8B4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B08BD5FE-2E28-4CC9-AD3F-90BED978CD34}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C3AF5CC-9968-4DCA-BE5E-25664DBA21EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F651169D-0F0A-4BC7-B4C0-089D87A3F964}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B54B26C-DE6F-4C57-BFF3-C206BE481792}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6441698F-A34A-4DA2-A88D-0BA85D5FF7F5}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98328CAE-D35D-406E-8ABE-D9A61B21AA3F}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8E431B4-DAC4-4015-8CF5-66438E78FE76}] => (Allow) LPort=2869
FirewallRules: [{C34B9A7C-B0A8-4D59-96A1-97A40A85C6AD}] => (Allow) LPort=1900
FirewallRules: [{BC972F8E-88F0-4245-A64F-228069EF2DBF}] => (Allow) C:\Program Files\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D0F730CA-295E-4CD0-9C01-14DDC9156084}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AFF4B5DF-9BB8-4C00-95E1-EF6EF90CC42F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2019 09:05:09 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 09:05:09 AM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022

Error: (04/22/2019 09:04:58 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 09:04:58 AM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022

Error: (04/22/2019 09:04:46 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 09:04:46 AM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022

Error: (04/22/2019 09:04:36 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 09:04:35 AM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (2688,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022


System errors:
=============
Error: (04/22/2019 09:05:09 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:05:06 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:05:03 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:05:01 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:04:58 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:04:55 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:04:52 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 09:04:49 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


CodeIntegrity:
===================================

Date: 2019-04-22 08:31:50.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\58.0.3135.127\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz
Percentage of memory in use: 84%
Total physical RAM: 1976.92 MB
Available physical RAM: 313.28 MB
Total Virtual: 3640.92 MB
Available Virtual: 1199.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:4.86 GB) NTFS
Drive d: () (Fixed) (Total:200.43 GB) (Free:119.94 GB) NTFS

\\?\Volume{a8a2a562-0544-11e5-9713-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{dbb3141b-0000-0000-0000-f04d18000000}\ () (Fixed) (Total:0.44 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: DBB3141B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#3 Příspěvek od cica18 »

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-18.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-22-2019
# Duration: 00:00:15
# OS: Windows 10 Pro
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Seznam.cz
Deleted C:\Users\Marketa\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1862 octets] - [22/04/2019 11:48:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#5 Příspěvek od cica18 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-04-2019 01
Ran by Marketa (administrator) on MIŠKA_PC (Acer Extensa 5235) (22-04-2019 14:14:50)
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available Profiles: Marketa)
Platform: Microsoft Windows 10 Pro Version 1803 17134.706 (X86) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() [File not signed] C:\Windows\AutoKMS\AutoKMS.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(O and O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Acronis International GmbH -> Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator-ws.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\launcher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x86__8wekyb3d8bbwe\HxTsr.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Acronis International GmbH -> ) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeNotify.exe
(Acronis International GmbH -> ) C:\Program Files\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
(ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) C:\Program Files\Common Files\Acronis\VssRequestor\vss_requestor.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7211112 2015-11-26] (Acronis International GmbH -> )
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [531808 2015-11-26] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [170128 2019-04-16] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261944 2018-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3369152 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify Web Helper] => C:\Users\Marketa\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [Spotify] => C:\Users\Marketa\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-10-19] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [794112 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\...\AppCompatFlags\InstalledSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb [2018-01-31]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-05-30]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Marketa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2017-07-06]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04F5EF1A-2245-4E44-9101-E2D82EF97B81} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {05F97EC3-2F24-43D2-847C-A7346E58CA71} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A2B15C6-25E0-451E-8E91-2AF750023A74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {16772258-5184-40CE-9C5E-118D909E7520} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16AACE3D-5BC4-41D1-9007-51876847D292} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {267F02CE-9294-49AA-BEA1-35E8EF4E372A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A08913C-1590-4C55-8F82-A6258FAA61F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2B33E69D-832A-4935-8A81-C1FA49C27F19} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {365DBAF7-B039-4F85-98E6-75B63B23A0A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3B34F186-629D-41FB-B5E2-CC5AD3308AA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {420099BE-274E-4BDD-84FF-AD4D4F1D1071} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {438A734A-06B0-40E0-AEC2-17B2D7574784} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45BC88B3-DCF6-49BD-8355-B8F203AE97ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {45D65AE4-6633-4D35-8D99-8A347982AA19} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe () [File not signed]
Task: {4C7582D2-603B-4BDF-B1ED-BF65CD6F9A3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {50901034-61A5-42AF-8B45-96FA4C764208} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {53F6286D-FA12-4CD2-9D10-DA0B258B2909} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61B70AF6-8250-46C0-98F8-69D1B68935A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {637E646C-3CE0-4670-9372-A5AC71BF3788} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {649DF120-67E8-4925-B1A5-2BA367C5A76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {672DE8B6-7AA0-4317-9FBF-2578CA92DE37} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {6AE07635-45E1-43B9-9D96-D437262BEDBD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6B1BD1F4-A234-41BE-9E2A-D17A62F956BB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6E36D2E3-60F6-4C17-AAF8-810A9D820D67} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {6FCC9221-D567-4596-A885-ADF7A884F285} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76D5E458-C9D8-4817-BD13-4D03A0279CCA} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
Task: {7A06E2FD-F298-4738-AD9C-F17C2BC2FF7F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7CFAA576-3376-4083-9699-4FDFBE36E8DF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7DF3DF9B-EBC7-44E0-A382-777569180A0C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7E63A22E-41FC-4633-8001-FB71CC8AA42A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80B1DBBB-EAB4-489C-9603-255E2B602B8A} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe (Garmin International, Inc. -> )
Task: {80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {866656F3-2894-4EAC-98F2-EBBAEE3AC8F9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8BE17CE1-1ED7-4EE3-BB86-2EC9B6770E3E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8BEA8825-F93B-43E0-BE8E-D555772D733E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {923893C7-8058-4AF1-B65C-1424082DF12C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {934CAAFB-3BEF-4A1A-90CA-2D4AEBA14468} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9DB73F69-C4BE-4B9B-8D70-4DD099A165C9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A9EA437A-2CD1-42A9-A68F-8570247BC9E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B6640A37-CB0A-4229-821E-265FAEA8E1B9} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
Task: {C160B9FD-2363-4070-A31A-83D5D712A8AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {C5CC8820-9F6F-41A5-BE27-11DBED0EFBAB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C75048BE-8EB3-4152-B292-6219FAC1BE0F} - System32\Tasks\Opera scheduled Autoupdate 1432823111 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {CB0ED607-C190-477E-BC77-7034F0B40CB7} - System32\Tasks\simplitec Power Suite => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {D529309B-8B7D-45BB-9171-E84836347144} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {E34AC330-BFAA-4CBF-ABDA-747701E56714} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E637861D-B821-4E05-A658-31C8164FA036} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F13F0836-2020-424E-8CBE-D2F7668AD649} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F8058EAB-E2C2-4693-B0D5-77EF381CC9F9} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{1173f753-17d4-4850-a183-65b85c32fd2b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{33d6e746-36c2-49f2-87b8-f41fefa7a894}: [DhcpNameServer] 84.16.104.129 84.16.96.2

Internet Explorer:
==================
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: PDF Architect 5 Helper -> {AEA429F3-D2D4-4BD7-A03E-5357DA017733} -> C:\Program Files\PDF Architect 5\creator-ie-helper.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - PDF Architect 5 Toolbar - {84F23192-A475-4038-B5C0-8584777F2DF4} - C:\Program Files\PDF Architect 5\creator-ie-plugin.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: hp74wju1.default-1524235288261
FF ProfilePath: C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\hp74wju1.default-1524235288261 [2019-04-19]
FF Extension: (No Name) - C:\Users\Marketa\AppData\Roaming\Mozilla\Firefox\Profiles\hp74wju1.default-1524235288261\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-21] (Adobe Systems Incorporated -> )
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-29] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: PDF Architect 5 -> C:\Program Files\PDF Architect 5\np-previewer.dll [2017-07-05] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default [2019-04-15]
CHR Extension: (Prezentace) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-04-15]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-04-15]
CHR Extension: (YouTube) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Vyhledávání Google) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Tabulky) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-04-15]
CHR Extension: (Gmail) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-15]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]
OPR Extension: (YouTube Downloader) - C:\Users\Marketa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba [2015-05-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [950584 2015-11-26] (Acronis International GmbH -> Acronis)
R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [4463960 2016-06-03] (Acronis International GmbH -> Acronis)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1125568 2016-04-04] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1887640 2019-04-16] (ESET, spol. s r.o. -> ESET)
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [696320 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S4 mmsminisrv; C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis International GmbH -> Acronis)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O and O Software GmbH -> O&O Software GmbH)
S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2470576 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 5 CrashHandler; C:\Program Files\PDF Architect 5\crash-handler-ws.exe [982200 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator-ws.exe [780984 2017-07-05] (pdfforge GmbH -> pdfforge GmbH)
S2 PDF Architect 5 Manager; C:\Program Files\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3349200 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7637744 2015-11-06] (Acronis International GmbH -> Acronis)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [238176 2017-01-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3624312 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [86408 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [42912 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-05-06] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-05-06] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [125056 2019-03-13] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [91720 2019-03-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2019-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [147288 2019-03-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43952 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [72480 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [94856 2019-03-13] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [128552 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [249184 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Chicony)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [9036288 2012-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 L1C; C:\WINDOWS\System32\drivers\L1C63x86.sys [102912 2018-04-11] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [172280 2019-04-21] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [107168 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [64088 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [240440 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94488 2019-04-22] (Malwarebytes Corporation -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl.sys [18944 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [26792 2015-08-16] (Synaptics Incorporated -> Synaptics Incorporated)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [685400 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [156504 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [398680 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [229720 2016-06-03] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 13:06 - 2019-04-22 14:19 - 000030721 _____ C:\Users\Marketa\Desktop\FRST.txt
2019-04-22 12:01 - 2019-04-22 14:02 - 000064088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-04-22 12:01 - 2019-04-22 12:01 - 000107168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-04-22 12:01 - 2019-04-22 12:01 - 000094488 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-04-22 11:47 - 2019-04-22 11:53 - 000000000 ____D C:\AdwCleaner
2019-04-22 11:34 - 2019-04-22 11:34 - 007025360 _____ (Malwarebytes) C:\Users\Marketa\Desktop\adwcleaner_7.3.exe
2019-04-22 08:53 - 2019-04-22 13:06 - 000000000 ____D C:\FRST
2019-04-22 08:47 - 2019-04-22 08:50 - 001793536 _____ (Farbar) C:\Users\Marketa\Desktop\FRST.exe
2019-04-21 23:26 - 2019-04-22 14:00 - 000240440 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-21 22:31 - 2019-04-21 22:31 - 000172280 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-04-21 18:02 - 2019-04-21 18:02 - 000000000 ____D C:\Users\Marketa\AppData\Local\mbamtray
2019-04-21 18:00 - 2019-02-01 11:20 - 000017352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-21 17:59 - 2019-04-21 18:08 - 000128552 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae.sys
2019-04-21 17:59 - 2019-04-21 17:59 - 000002093 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-21 17:59 - 2019-04-21 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-10 13:47 - 2019-04-02 11:21 - 000078864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 13:47 - 2019-04-02 11:18 - 000636880 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 13:47 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 13:47 - 2019-04-02 07:10 - 000994264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 13:47 - 2019-04-02 07:05 - 000633360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 13:47 - 2019-04-02 07:05 - 000343056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 13:47 - 2019-04-02 07:04 - 006683664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 13:47 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 13:47 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 13:47 - 2019-04-02 06:45 - 002811392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 13:47 - 2019-04-02 06:43 - 001753088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 13:47 - 2019-04-02 06:42 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 13:47 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 13:47 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 13:47 - 2019-03-14 15:56 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 13:47 - 2019-03-14 10:58 - 000289080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 13:47 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 13:47 - 2019-03-14 10:20 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 13:47 - 2019-03-14 10:18 - 001844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 13:47 - 2019-03-14 10:17 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 13:47 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 13:47 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 13:47 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 13:47 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 13:46 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 13:46 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 13:46 - 2019-04-02 07:05 - 002350392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 13:46 - 2019-04-02 07:05 - 002144272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 13:46 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 13:46 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 13:46 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 13:46 - 2019-04-02 06:41 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 13:46 - 2019-04-02 06:40 - 001733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 13:46 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 13:46 - 2019-03-14 15:55 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 13:46 - 2019-03-14 10:57 - 000480264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 13:46 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 13:46 - 2019-03-14 10:37 - 002031112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 13:46 - 2019-03-14 10:37 - 000140832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 13:46 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 13:46 - 2019-03-14 10:21 - 003255296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 13:46 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 13:46 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 13:46 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 13:46 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2019-04-10 13:46 - 2019-03-14 10:18 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 13:46 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 13:46 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 13:46 - 2019-03-14 10:16 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 002415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 13:46 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 13:46 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 13:46 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 13:46 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 13:46 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 13:46 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-04-10 13:46 - 2019-03-14 10:13 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 13:46 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 13:45 - 2019-04-02 11:25 - 001465512 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 13:45 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 13:45 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 13:45 - 2019-04-02 11:08 - 000890880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 13:45 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 13:45 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 13:45 - 2019-04-02 11:05 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 13:45 - 2019-04-02 11:05 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 13:45 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 13:45 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 13:45 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 13:45 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 13:45 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 13:45 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 13:45 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 001268232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 001118216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000937992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000634376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 13:45 - 2019-03-14 16:12 - 000620552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000577544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000483336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000482312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000368648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000285192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 13:45 - 2019-03-14 16:12 - 000118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 13:45 - 2019-03-14 16:10 - 000142136 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 13:45 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 13:45 - 2019-03-14 15:55 - 000608256 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 13:45 - 2019-03-14 15:55 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 13:45 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 13:45 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 13:45 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 13:45 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 13:45 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 13:45 - 2019-03-14 10:39 - 000119328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 13:45 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 13:45 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 13:45 - 2019-03-14 10:37 - 001190704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 13:45 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 13:45 - 2019-03-14 10:37 - 001051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 13:45 - 2019-03-14 10:37 - 000950088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 13:45 - 2019-03-14 10:37 - 000831736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 13:45 - 2019-03-14 10:18 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 13:45 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 13:45 - 2019-03-14 10:18 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 13:45 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 13:45 - 2019-03-14 10:17 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 13:45 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 13:45 - 2019-03-14 10:17 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 13:45 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 13:45 - 2019-03-14 10:16 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 13:45 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 13:45 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 13:45 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msjet40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspbde40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrd3x40.dll
2019-04-10 13:45 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2019-04-10 13:44 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 13:44 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 13:44 - 2019-03-14 10:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 13:44 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 13:44 - 2019-03-14 10:14 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 13:44 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxbde40.dll
2019-04-04 10:18 - 2019-04-15 15:43 - 000000000 ____D C:\RQMONEY
2019-04-02 14:31 - 2019-04-02 14:31 - 000000000 ____D C:\Users\Marketa\Documents\VideoPad Projects
2019-04-02 13:27 - 2019-04-02 13:28 - 000000000 ____D C:\Users\Marketa\AppData\Local\FreemakeVideoConverter
2019-04-02 13:25 - 2019-04-21 18:24 - 000000000 ____D C:\ProgramData\Freemake
2019-04-02 13:25 - 2019-04-02 13:28 - 000000000 ____D C:\Users\Marketa\Documents\Freemake
2019-04-02 13:24 - 2019-04-21 18:24 - 000000000 ____D C:\Program Files\Freemake
2019-04-01 10:36 - 2019-04-01 10:36 - 000000761 _____ C:\Users\Marketa\Desktop\Škola UHK – zástupce.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-22 14:11 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-22 13:56 - 2018-07-26 15:43 - 000000000 ____D C:\Users\Marketa
2019-04-22 13:54 - 2018-07-26 16:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-22 13:54 - 2018-07-26 15:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-22 11:59 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-22 11:46 - 2016-12-26 10:33 - 000000000 ____D C:\ProgramData\TEMP
2019-04-22 11:22 - 2017-12-02 19:29 - 000000000 ____D C:\Program Files\PDFCreator
2019-04-22 11:14 - 2018-10-05 13:49 - 000000000 ____D C:\Users\Marketa\AppData\Local\CrashDumps
2019-04-22 10:16 - 2015-05-28 16:25 - 000000000 ____D C:\Program Files\Opera
2019-04-22 09:13 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-22 07:43 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-21 23:05 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-21 18:23 - 2017-10-21 11:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-21 18:19 - 2018-11-26 18:04 - 000000000 ____D C:\Program Files\HappyFoto DESIGNER
2019-04-21 18:00 - 2018-04-11 22:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-21 09:55 - 2018-08-08 09:29 - 000000000 ____D C:\Users\Marketa\AppData\Local\D3DSCache
2019-04-20 21:32 - 2015-05-28 16:46 - 000000000 ____D C:\Users\Marketa\Documents\Soubory aplikace Outlook
2019-04-20 16:33 - 2018-03-10 10:08 - 000000000 ____D C:\Users\Marketa\AppData\Local\Packages
2019-04-18 20:46 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-12 18:54 - 2016-09-25 14:31 - 000000000 ____D C:\Users\Marketa\Desktop\Zdraví
2019-04-12 12:16 - 2017-01-11 22:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 13:06 - 2015-07-08 22:21 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 12:08 - 2016-08-08 10:19 - 000015288 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2019-04-10 16:53 - 2018-07-26 15:37 - 000496856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-10 14:09 - 2018-04-12 06:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-10 14:09 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-10 14:03 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 13:37 - 2015-05-28 16:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-10 13:33 - 2015-05-28 22:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 13:18 - 2015-05-28 22:45 - 128044056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-10 13:10 - 2013-08-22 08:13 - 000000222 _____ C:\WINDOWS\win.ini
2019-04-05 12:14 - 2018-01-12 17:10 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:46 - 2018-07-26 15:58 - 001693770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-04 17:46 - 2018-04-12 06:53 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-04 17:46 - 2018-04-12 06:53 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-02 14:45 - 2018-11-04 19:46 - 000000000 ____D C:\Users\Marketa\AppData\Roaming\MuseScore
2019-04-02 13:50 - 2018-12-29 16:33 - 000000000 ____D C:\Users\Marketa\AppData\Local\Windows Live
2019-04-02 06:44 - 2015-06-11 16:07 - 000020057 _____ C:\WINDOWS\BRRBCOM.INI
2019-04-01 19:51 - 2018-04-11 22:39 - 000835480 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-04-11 22:39 - 000179608 _____ (Adobe) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2019-04-01 11:22 - 2016-06-25 13:37 - 000000000 ____D C:\Users\Marketa\Desktop\TianDe

==================== Files in the root of some directories =======

2016-06-29 09:26 - 2018-10-05 13:57 - 000000600 _____ () C:\Users\Marketa\AppData\Roaming\winscp.rnd
2016-09-07 13:22 - 2016-09-07 13:22 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{416F4876-A0C4-47CA-9E65-61D9EDA40702}
2015-10-30 08:04 - 2015-10-30 08:04 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{554CE765-827A-4AD1-A9C0-F4B29CC961DE}
2018-11-10 14:16 - 2018-11-10 14:16 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{5FA94A95-DBCF-404B-B15D-A2160AD9DDA4}
2015-10-19 12:19 - 2015-10-19 12:19 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{927C9663-A771-4DF6-A3E8-BB82CD825E8A}
2016-01-15 13:00 - 2016-01-15 13:00 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{9B458FB3-3FBA-42E8-8080-4AC1C506B711}
2015-10-07 12:38 - 2015-10-07 12:38 - 000000000 _____ () C:\Users\Marketa\AppData\Local\{E6938C34-BFDB-4CCA-AFCA-4799AA530994}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-04-2019 01
Ran by Marketa (22-04-2019 14:21:00)
Running from C:\Users\Marketa\Desktop
Microsoft Windows 10 Pro Version 1803 17134.706 (X86) (2018-07-26 14:13:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2523095765-2521646832-716613247-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2523095765-2521646832-716613247-503 - Limited - Disabled)
Guest (S-1-5-21-2523095765-2521646832-716613247-501 - Limited - Disabled)
Marketa (S-1-5-21-2523095765-2521646832-716613247-1001 - Administrator - Enabled) => C:\Users\Marketa
quhvtjopkl (S-1-5-21-2523095765-2521646832-716613247-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2523095765-2521646832-716613247-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
Acronis True Image 2016 (HKLM\...\{64AB919C-28AA-4260-A147-1A88E53EE978}) (Version: 19.0.6027 - Acronis) Hidden
Acronis True Image 2016 (HKLM\...\{64AB919C-28AA-4260-A147-1A88E53EE978}Visible) (Version: 19.0.6027 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
ANT Drivers Installer x86 (HKLM\...\{E64F69D8-38FE-48B8-95AB-CC676FA636F1}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 6.2.5 (HKLM\...\Any Video Converter) (Version: 6.2.5 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{BD40DFE8-9908-43A8-93C0-67608DD3D400}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Copy (HKLM\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (HKLM\...\{8AABFB1F-A5A9-48A6-A8EB-C5F819C89037}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Elevated Installer (HKLM\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{43331BEA-C00B-4EF6-8CF3-3957ECA032CB}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
F4500 (HKLM\...\{6326C5A9-0FC0-4FAF-B675-7333FE16DB57}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeFileSync 8.2 (HKLM\...\FreeFileSync_is1) (Version: 8.2 - www.FreeFileSync.org)
Garmin Communicator Plugin (HKLM\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{FD126052-310E-4364-937B-6B5564F24578}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{8C0BFEB8-6679-4A88-B4EC-2DF8BEC18CE0}) (Version: 7.1.0.34 - Apple Inc.)
Inkscape 0.91 (HKLM\...\Inkscape) (Version: 0.91 - )
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{6EBB5549-1773-43E1-BB82-E7A14CA5AB6B}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Manager (HKLM\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MuseScore 2 (HKLM\...\{7D01160E-D30F-4E88-8872-4A0A0A782E2E}) (Version: 2.3.2 - Werner Schweer and Others)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NetSpot (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\a6e43da6e76c5494) (Version: 1.0.0.334 - Etwok LLC)
Network (HKLM\...\{B20B30E2-3071-4A7B-8967-3A4B3932DADF}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
O&O Defrag Free Edition (HKLM\...\{E29CFB36-F070-4612-8DB5-7038161B6294}) (Version: 14.1.431 - O&O Software GmbH)
Opera Stable 58.0.3135.132 (HKLM\...\Opera 58.0.3135.132) (Version: 58.0.3135.132 - Opera Software)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Architect 5 Create Module (HKLM\...\{195F60E3-5445-4DDA-8A65-C1A221E1D6FA}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{1EC3144E-90D5-4936-8292-E8C5152ADF77}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{BD9CE601-084F-49A2-9E13-F0BF6AD7FEEB}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
Podpora aplikací Apple (32bitová) (HKLM\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Rajče průvodce verze 1.59.54.269 (HKLM\...\rajce.net_is1) (Version: - rajce.net)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
SolutionCenter (HKLM\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\Spotify) (Version: 1.0.33.106.g60b5d1f0 - Spotify AB)
Status (HKLM\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.1.3.6 - Synaptics Incorporated)
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
UpdateAssistant (HKLM\...\{DE6D7469-B5F8-473E-AD8E-4C2BF29EECBA}) (Version: 1.13.0.0 - Microsoft Corporation) Hidden
VideoPad Video Editor (HKLM\...\VideoPad) (Version: 6.30 - NCH Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version: - )
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.7.7 (HKLM\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001_Classes\CLSID\{10fa89b1-dfc1-4cca-b2f3-4b7b6cf1c9b9}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2523095765-2521646832-716613247-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL (ZONER software, a.s. -> ZONER software)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll [2015-11-11] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> [CC]{00B7B69F-6774-4906-9C7F-7D117A3644A9} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> [CC]{89D984B3-813B-406A-8298-118AFA3A22AE} => -> No File
ContextMenuHandlers1: [VersionsPageShellExt] -> [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2019-04-16] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers2_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)
ContextMenuHandlers4_S-1-5-21-2523095765-2521646832-716613247-1001: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => D:\Program Files\Zoner\Photo Studio 19\Program32\SHELLEXT.DLL [2018-11-01] (ZONER software, a.s. -> ZONER software)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-06 00:26 - 2018-11-06 00:26 - 005196288 _____ () [File not signed] C:\WINDOWS\AutoKMS\AutoKMS.exe
2017-12-02 19:30 - 2017-12-02 19:30 - 000097792 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000044032 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000053760 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2011-08-18 01:24 - 2011-08-18 01:24 - 000696320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpslpsvc32.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-21 17:58 - 2019-04-21 18:08 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-10-05 16:03 - 2019-04-21 18:08 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-08-08 08:47 - 2019-04-21 18:08 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-21 18:08 - 2019-04-21 18:08 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2015-10-06 17:13 - 2015-12-02 10:09 - 001486337 _____ (Acronis) [File not signed] C:\Program Files\Common Files\Acronis\Home\libcrypto10.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2016-06-03 00:28 - 000000861 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 activation.acronis.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Common Files\Acronis\VirtualFile\;C:\Program Files\Common Files\Acronis\SnapAPI\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019140021189\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04222019140022127\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\StartupFolder: => "Odeslat do OneNote.lnk"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2523095765-2521646832-716613247-1001\...\StartupApproved\Run: => "ApplePhotoStreams"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1BC9C950-EF5B-46E9-9F4F-89DACFF96BDD}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E223796-D8B0-4254-82AA-1171B3472EB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File
FirewallRules: [{52111039-0A36-4D01-B0B7-36EFD7578C87}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{234FA061-2DED-492F-9FB0-0815CF25A499}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B2D8C3A-5B4F-4F01-A604-3CD90E8F8818}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43BCF6DD-01DC-49DF-A043-F95643A952A3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57DD66DB-E41A-47D3-8045-D59E2AC0AC5E}C:\users\marketa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marketa\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{4388FDBC-CDC3-4F09-BABC-A421325AB135}C:\users\marketa\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\marketa\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{BBF3D53A-8BF0-462C-8BC8-029CE1AAB263}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{157F580B-BC8E-4E8C-842E-6E38504E7EB0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2D3EAA6D-A87E-46D7-8105-BA418613AAE3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0E5A1C8B-F3C8-4417-BEFE-0BC219D93A45}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3FAF87DC-3C30-4728-9ED7-BFF6A74CF3A3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EEBB5EBF-4DE0-446B-AD51-B0F17F5B3D0F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8C607B98-B8DF-4D39-9BBC-336DFA40C9C0}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DE1928BB-1C58-4545-AA09-36C1C10EAC40}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{21E9FCCF-1ED7-4855-86FB-00CE9B447E09}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{24C8971C-C635-4419-BADD-E8DA1EF22304}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{914FF18E-00B1-4747-8554-2AC115A0400F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EB17C0A9-A3E5-44C5-A285-93DB3641CC1B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DBB3CF2D-2424-4E9E-8968-E9D846FFE637}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{AECAAC1D-EAD7-422A-AD39-BDECDD3B5D9D}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{69F4339A-4CD2-4A38-AACF-A257BDEE2E0F}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{52E6D252-2577-4D3F-91BA-193A748B3D77}] => (Allow) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{1DB9F5C1-B28D-4796-B05A-1B7FD89B6245}] => (Allow) C:\Program Files\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis)
FirewallRules: [{0C6B85E7-F3A6-4E5F-8F1A-B0CBE3CDA54F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3C2F31B-AA37-45DD-A68E-0FB7376A8B4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B08BD5FE-2E28-4CC9-AD3F-90BED978CD34}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3C3AF5CC-9968-4DCA-BE5E-25664DBA21EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F651169D-0F0A-4BC7-B4C0-089D87A3F964}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4B54B26C-DE6F-4C57-BFF3-C206BE481792}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6441698F-A34A-4DA2-A88D-0BA85D5FF7F5}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{98328CAE-D35D-406E-8ABE-D9A61B21AA3F}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8E431B4-DAC4-4015-8CF5-66438E78FE76}] => (Allow) LPort=2869
FirewallRules: [{C34B9A7C-B0A8-4D59-96A1-97A40A85C6AD}] => (Allow) LPort=1900
FirewallRules: [{D0F730CA-295E-4CD0-9C01-14DDC9156084}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AFF4B5DF-9BB8-4C00-95E1-EF6EF90CC42F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{8EA0F3C6-AFC9-4283-91F0-C114F1476363}] => (Allow) C:\Program Files\Opera\58.0.3135.132\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2019 02:22:37 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 02:22:37 PM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022

Error: (04/22/2019 02:20:37 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/22/2019 02:15:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/22/2019 02:14:00 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 02:13:59 PM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022

Error: (04/22/2019 02:13:46 PM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Při pokusu o obnovení nebo zotavení databáze došlo k neočekávané chybě -1022.

Error: (04/22/2019 02:13:45 PM) (Source: ESENT) (EventID: 419) (User: )
Description: taskhostw (1828,R,98) WebCacheLocal: Stránka 229 databáze C:\Users\Marketa\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat se nedá číst. Chyba: -1022


System errors:
=============
Error: (04/22/2019 02:22:37 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:22:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:22:32 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:13:59 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:13:56 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:13:53 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:13:50 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (04/22/2019 02:13:45 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


CodeIntegrity:
===================================

Date: 2019-04-22 08:31:50.863
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Opera\58.0.3135.127\opera.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Celeron(R) Dual-Core CPU T3500 @ 2.10GHz
Percentage of memory in use: 76%
Total physical RAM: 1976.92 MB
Available physical RAM: 458.61 MB
Total Virtual: 3512.92 MB
Available Virtual: 2188.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:5 GB) NTFS
Drive d: () (Fixed) (Total:200.43 GB) (Free:119.94 GB) NTFS

\\?\Volume{a8a2a562-0544-11e5-9713-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{dbb3141b-0000-0000-0000-f04d18000000}\ () (Fixed) (Total:0.44 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: DBB3141B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CkoseProcesses:
C:\Program Files\Bonjour
Task: {0A2B15C6-25E0-451E-8E91-2AF750023A74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {267F02CE-9294-49AA-BEA1-35E8EF4E372A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A08913C-1590-4C55-8F82-A6258FAA61F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {365DBAF7-B039-4F85-98E6-75B63B23A0A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3B34F186-629D-41FB-B5E2-CC5AD3308AA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {50901034-61A5-42AF-8B45-96FA4C764208} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {61B70AF6-8250-46C0-98F8-69D1B68935A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {649DF120-67E8-4925-B1A5-2BA367C5A76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A9EA437A-2CD1-42A9-A68F-8570247BC9E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CB0ED607-C190-477E-BC77-7034F0B40CB7} - System32\Tasks\simplitec Power Suite => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> [CC]{00B7B69F-6774-4906-9C7F-7D117A3644A9} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> [CC]{89D984B3-813B-406A-8298-118AFA3A22AE} => -> No File
ContextMenuHandlers1: [VersionsPageShellExt] -> [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
C:\WINDOWS\AutoKMS
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
FirewallRules: [{0E223796-D8B0-4254-82AA-1171B3472EB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

EmptyTemp:
Hosts:
Temp
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#7 Příspěvek od cica18 »

Fix result of Farbar Recovery Scan Tool (x86) Version: 21-04-2019 01
Ran by Marketa (22-04-2019 15:20:19) Run:1
Running from C:\Users\Marketa\Desktop
Loaded Profiles: Marketa (Available Profiles: Marketa)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CkoseProcesses:
C:\Program Files\Bonjour
Task: {0A2B15C6-25E0-451E-8E91-2AF750023A74} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {267F02CE-9294-49AA-BEA1-35E8EF4E372A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2A08913C-1590-4C55-8F82-A6258FAA61F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {365DBAF7-B039-4F85-98E6-75B63B23A0A8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {3B34F186-629D-41FB-B5E2-CC5AD3308AA8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {50901034-61A5-42AF-8B45-96FA4C764208} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {61B70AF6-8250-46C0-98F8-69D1B68935A4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {649DF120-67E8-4925-B1A5-2BA367C5A76D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A9EA437A-2CD1-42A9-A68F-8570247BC9E2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {CB0ED607-C190-477E-BC77-7034F0B40CB7} - System32\Tasks\simplitec Power Suite => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> [CC]{00B7B69F-6774-4906-9C7F-7D117A3644A9} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> [CC]{89D984B3-813B-406A-8298-118AFA3A22AE} => -> No File
ContextMenuHandlers1: [VersionsPageShellExt] -> [CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
C:\WINDOWS\AutoKMS
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
FirewallRules: [{0E223796-D8B0-4254-82AA-1171B3472EB3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe No File

EmptyTemp:
Hosts:
Temp
*****************

CkoseProcesses: => Error: No automatic fix found for this entry.
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0A2B15C6-25E0-451E-8E91-2AF750023A74}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0A2B15C6-25E0-451E-8E91-2AF750023A74}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{267F02CE-9294-49AA-BEA1-35E8EF4E372A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{267F02CE-9294-49AA-BEA1-35E8EF4E372A}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2A08913C-1590-4C55-8F82-A6258FAA61F9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2A08913C-1590-4C55-8F82-A6258FAA61F9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AFEA56C-A2D0-494D-AA2E-1EAC4AB2CB12}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{365DBAF7-B039-4F85-98E6-75B63B23A0A8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{365DBAF7-B039-4F85-98E6-75B63B23A0A8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B34F186-629D-41FB-B5E2-CC5AD3308AA8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B34F186-629D-41FB-B5E2-CC5AD3308AA8}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50901034-61A5-42AF-8B45-96FA4C764208}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50901034-61A5-42AF-8B45-96FA4C764208}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61B70AF6-8250-46C0-98F8-69D1B68935A4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61B70AF6-8250-46C0-98F8-69D1B68935A4}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{649DF120-67E8-4925-B1A5-2BA367C5A76D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{649DF120-67E8-4925-B1A5-2BA367C5A76D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80CA29C1-DBDD-4C1A-9C98-BACC79D65ED0}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC0AAF2-BCE6-4114-8F9B-5B60FFE945DF}" => removed successfully.
C:\Windows\System32\Tasks\simplitec Power Suite (Tray) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite (Tray)" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9EA437A-2CD1-42A9-A68F-8570247BC9E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9EA437A-2CD1-42A9-A68F-8570247BC9E2}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB0ED607-C190-477E-BC77-7034F0B40CB7}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB0ED607-C190-477E-BC77-7034F0B40CB7}" => removed successfully.
C:\Windows\System32\Tasks\simplitec Power Suite => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite" => removed successfully.
C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => moved successfully
C:\WINDOWS\Tasks\simplitec Power Suite.job => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully.
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully.
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully.
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFArchitect5_ManagerExt => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{00B7B69F-6774-4906-9C7F-7D117A3644A9} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully.
HKLM\Software\Classes\CLSID\{d9cea52e-100d-4159-89ea-76e845bc13e1} => removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PhotoStreamsExt => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{89D984B3-813B-406A-8298-118AFA3A22AE} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\VersionsPageShellExt => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{9E42900A-85F9-4E67-9778-575FBBA0A81C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully.
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully.
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully.
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found

"C:\WINDOWS\AutoKMS" folder move:

Could not move "C:\WINDOWS\AutoKMS" => Scheduled to move on reboot.

C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0E223796-D8B0-4254-82AA-1171B3472EB3}" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Temp => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15189160 B
Java, Flash, Steam htmlcache => 1136 B
Windows/system/drivers => 420014136 B
Edge => 308 B
Chrome => 41729342 B
Firefox => 21809186 B
Opera => 9276554 B

Temp, IE cache, history, cookies, recent:
Default => 13112 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 143420 B
NetworkService => 0 B
Marketa => 9441845 B

RecycleBin => 152155494 B
EmptyTemp: => 648.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-04-2019 15:43:12)

C:\WINDOWS\AutoKMS => is moved successfully

==== End of Fixlog 15:43:18 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#9 Příspěvek od cica18 »

bohuzel ne

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#10 Příspěvek od Rudy »

Vyčistíme prohlížeče. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. 2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#11 Příspěvek od cica18 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x86
Ran by Marketa (Administrator) on 22.04.2019 at 20:09:35,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEA429F3-D2D4-4BD7-A03E-5357DA017733} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{84F23192-A475-4038-B5C0-8584777F2DF4} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.04.2019 at 20:15:40,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

zoek mi nejde, jeste zkusim restart

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#12 Příspěvek od Rudy »

A Zoek?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#13 Příspěvek od cica18 »

no jak sem psal na konci minule zpravy...ten mi nejde spustit ani normalne ani jako spravce a ted ani po restartu

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomaleny notebook

#14 Příspěvek od Rudy »

Zkuste v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

cica18
Návštěvník
Návštěvník
Příspěvky: 134
Registrován: 12 bře 2007 17:37

Re: zpomaleny notebook

#15 Příspěvek od cica18 »

furt zpomalenej


Zoek.exe Version 5.0.0.2 Updated 03-May-2018
Tool run by Marketa on 23.04.2019 at 6:49:43,53.
Microsoft Windows 10 Pro 10.0.17134 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Marketa\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.04.2019 7:45:42 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\Elaborate Bytes deleted successfully
C:\Program Files\Freemake deleted successfully
C:\Program Files\HappyFoto DESIGNER deleted successfully
C:\Program Files\Malwarebytes Anti-Malware deleted successfully
C:\Program Files\Mozilla Firefox deleted successfully
C:\Program Files\NirSoft deleted successfully
C:\Program Files\PDFCreator deleted successfully
C:\Program Files\Common Files\Protexis deleted successfully
C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\CorelDRAW Graphics Suite X7 deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\SoftwareDistribution deleted successfully
C:\Users\Marketa\AppData\Roaming\Corel deleted successfully
C:\Users\Marketa\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Marketa\AppData\Local\ActiveSync deleted successfully
C:\Users\Marketa\AppData\Local\D3DSCache deleted successfully
C:\Users\Marketa\AppData\Local\DBG deleted successfully
C:\Users\Marketa\AppData\Local\EmieSiteList deleted successfully
C:\Users\Marketa\AppData\Local\EmieUserList deleted successfully
C:\Users\Marketa\AppData\Local\NetworkTiles deleted successfully
C:\Users\Marketa\AppData\Local\PeerDistRepub deleted successfully
C:\Users\Marketa\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Elaborate Bytes not found
C:\Program Files\Freemake not found
C:\Program Files\HappyFoto DESIGNER not found
C:\Program Files\Mozilla Firefox not found
C:\Program Files\NirSoft not found
C:\Program Files\PDFCreator not found
C:\Users\Marketa\AppData\Local\HappyFoto DESIGNER deleted
C:\Program Files\PDF Architect 5 Manager deleted
C:\Program Files\Your Uninstaller! 7 deleted
C:\PROGRA~2\Package Cache deleted
"C:\Users\Marketa\AppData\Local\{416F4876-A0C4-47CA-9E65-61D9EDA40702}" deleted
"C:\Users\Marketa\AppData\Local\{554CE765-827A-4AD1-A9C0-F4B29CC961DE}" deleted
"C:\Users\Marketa\AppData\Local\{5FA94A95-DBCF-404B-B15D-A2160AD9DDA4}" deleted
"C:\Users\Marketa\AppData\Local\{927C9663-A771-4DF6-A3E8-BB82CD825E8A}" deleted
"C:\Users\Marketa\AppData\Local\{9B458FB3-3FBA-42E8-8080-4AC1C506B711}" deleted
"C:\Users\Marketa\AppData\Local\{E6938C34-BFDB-4CCA-AFCA-4799AA530994}" deleted
"C:\Program Files\Windows Defender Advanced Threat Protection" deleted
"C:\Program Files\Windows Defender Advanced Threat Protection" deleted

==== Chromium Look ======================

Google Chrome Version: 73.0.3683.103
Opera Browser Version: 55.0.2994.44
Opera Browser Version: 55.0.2994.61
Opera Browser Version: 56.0.3051.104
Opera Browser Version: 56.0.3051.116
Opera Browser Version: 56.0.3051.36
Opera Browser Version: 56.0.3051.36_0
Opera Browser Version: 56.0.3051.43
Opera Browser Version: 56.0.3051.52
Opera Browser Version: 56.0.3051.99
Opera Browser Version: 57.0.3098.106
Opera Browser Version: 57.0.3098.116
Opera Browser Version: 58.0.3135.107
Opera Browser Version: 58.0.3135.118
Opera Browser Version: 58.0.3135.127
Opera Browser Version: 58.0.3135.132
Opera Browser Version: 58.0.3135.65
Opera Browser Version: 58.0.3135.68
Opera Browser Version: 58.0.3135.79


Chrome Media Router - Marketa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
AdBlock - Marketa\Appdata\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj
YouTube Downloader - Marketa\Appdata\Roaming\Opera Software\Opera Stable\Extensions\kclijeogghhkmenkommbnjobhnndpfba

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Web Data will be reset at reboot
C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\Users\Marketa\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Marketa\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot
C:\Users\Marketa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=222 folders=125 118107637 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Marketa\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Marketa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Web Data" not found
"C:\Users\Marketa\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal" not found
"C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted
"C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted
"C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted
"C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted
"C:\Users\Marketa\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted

==== EOF on 23.04.2019 at 12:03:00,80 ======================

Odpovědět