Preventivní kontrola

[Pajas92]

Ahoj,

prosím o kontrolu logu. Preventivně bych chtěl prověřit, zda je všechno v pořádku. Občas se setkávám s problémy typu:

- pomalé načítání windows
- zvýšenou fyzickou pamětí (90%+)
- pomalu načítajícími okny Chrome a občasné zamrzání samotného Chrome v případě, kdy je otevřených více lišt.

Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by Pajas (administrator) on PC (Hewlett-Packard HP ProBook 4530s) (01-12-2019 15:25:29)
Running from C:\Users\Pajas\Desktop
Loaded Profiles: Pajas (Available Profiles: Pajas)
Platform: Windows 8.1 Pro N (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-11-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2347872 2018-12-12] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [479744 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {519e2169-91f5-11e9-9c1a-20107afb298b} - "D:\startme.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {70a97695-16e5-11e9-9c0c-20107afb298b} - "D:\LG_PC_Programs.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {afaced7a-a1b6-11e9-9c1b-20107afb298b} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-12-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A57539-231C-4C2E-BB4B-9EB559379754} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {084B134E-65E4-4076-8668-6D6D824163A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {198A59F8-ACCA-4E82-B723-7BB621CFA322} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [751920 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BBF6B38-CBE0-4C3E-8F80-EE0E7991BBC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {26234CB1-786F-4737-828D-D8ED7D0D720E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BB7F48A-85D7-40AF-A78B-3A9876D602C8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F4A26C-28EF-4A0B-8E8B-679D6A44556E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {57747616-F44D-49A6-A66A-98CE48885927} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {584EC15F-C136-45D8-8774-3DC3DE14DF6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-14] (Adobe Inc. -> Adobe)
Task: {7E68F4BF-DABE-4F41-AB57-9018838DC222} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {888665B0-A7AD-4A33-ABEF-A5BEB7FD0963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {A3C5CDE0-71E5-4A57-9210-5FDEF15734EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58} - System32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470} => C:\Windows\system32\pcalua.exe -a C:\Users\Pajas\Desktop\zoek.exe -d C:\Users\Pajas\Desktop
Task: {C87DB1E3-71D0-4846-BB06-856749E17D74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D38D15A7-A3FA-4FBB-906B-FEF5FE4A8BE4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-14] (Adobe Inc. -> Adobe)
Task: {DA7B1334-D37E-4DE1-BC20-A3428AC4AFA1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89F7D101-2C0C-45B9-8A85-1FB411819394}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1622553077-2020843845-1668786408-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: p6tec7ak.default
FF ProfilePath: C:\Users\Pajas\AppData\Roaming\Mozilla\Firefox\Profiles\p6tec7ak.default [2019-12-01]
FF Homepage: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\p6tec7ak.default -> hxxps://www.tipsport.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default [2019-12-01]
CHR Extension: (Prezentace) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156336 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191360 2018-12-12] (Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-18] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-18] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-11-18] (ESET, spol. s r.o. -> ESET)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2018-08-16] (Apple Inc.) [File not signed]
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]
S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-01 15:24 - 2019-12-01 15:25 - 000019199 _____ C:\Users\Pajas\Desktop\FRST.txt
2019-12-01 15:04 - 2019-12-01 15:25 - 000000000 ____D C:\FRST
2019-12-01 15:03 - 2019-12-01 15:03 - 002262016 _____ (Farbar) C:\Users\Pajas\Desktop\FRST64.exe
2019-12-01 14:50 - 2019-11-05 05:21 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-01 14:50 - 2019-10-27 00:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-01 14:03 - 2019-12-01 14:03 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-01 14:02 - 2019-12-01 14:08 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-01 14:02 - 2019-12-01 14:08 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-01 13:24 - 2019-12-01 13:44 - 001654729 _____ C:\Windows\ZAM.krnl.trace
2019-12-01 13:24 - 2019-12-01 13:44 - 000000000 ____D C:\Users\Pajas\AppData\Local\AMSDK
2019-12-01 13:24 - 2019-12-01 13:24 - 000000000 ____D C:\Users\Pajas\AppData\Local\Zemana
2019-12-01 13:22 - 2019-12-01 13:22 - 000000000 ____D C:\Users\Pajas\AppData\Local\cache
2019-12-01 13:16 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-12-01 13:00 - 2019-12-01 13:00 - 000003096 _____ C:\Windows\system32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470}
2019-12-01 04:55 - 2019-12-01 05:54 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2019-12-01 04:54 - 2019-12-01 05:41 - 000000000 ____D C:\ProgramData\RogueKiller
2019-12-01 04:21 - 2019-12-01 04:21 - 000000000 ____D C:\ProgramData\Sophos
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbamtray
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbam
2019-12-01 04:07 - 2019-12-01 04:07 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-01 04:06 - 2019-12-01 04:06 - 001883976 _____ (Malwarebytes) C:\Users\Pajas\Downloads\MBSetup.exe
2019-12-01 04:02 - 2019-12-01 04:02 - 000000000 ____D C:\Users\Pajas\AppData\Local\Adobe
2019-11-19 23:28 - 2019-11-19 23:28 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2019-11-13 14:05 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-13 14:05 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-13 14:05 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-13 14:05 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-13 14:05 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-13 14:05 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-13 14:05 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-13 14:05 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-13 14:05 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-13 14:05 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-13 14:05 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-13 14:05 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-13 14:05 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-13 14:05 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-13 14:05 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-13 14:05 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-13 14:05 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-13 14:05 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-13 14:05 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-13 14:05 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-13 14:05 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 14:05 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-13 14:05 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-13 14:05 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-13 14:05 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-13 14:05 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-13 14:05 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-13 14:05 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-13 14:05 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-13 14:05 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-13 14:05 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-13 14:05 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-13 14:05 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-13 14:05 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-13 14:05 - 2019-09-27 19:14 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-13 14:05 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-13 14:05 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-13 14:05 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-13 14:05 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-13 14:05 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-13 14:05 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2019-11-13 14:05 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2019-11-13 14:05 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-11-13 14:05 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-13 14:05 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2019-11-13 14:05 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-13 14:05 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-11-13 14:05 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2019-11-13 14:05 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2019-11-13 14:05 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-11-13 14:05 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2019-11-13 14:05 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2019-11-13 14:05 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-13 14:05 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-13 14:05 - 2019-09-07 16:09 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-13 14:05 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-10 17:28 - 2019-12-01 03:56 - 000000000 ____D C:\Windows\Minidump
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\ProgramData\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iPod
2019-11-06 14:22 - 2019-11-06 14:23 - 000000000 ____D C:\Users\Pajas\AppData\Local\TeamViewer
2019-11-06 14:21 - 2019-12-01 14:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-11-06 14:21 - 2019-11-06 14:21 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\TeamViewer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-01 15:00 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-12-01 14:59 - 2018-12-11 22:41 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1622553077-2020843845-1668786408-1001
2019-12-01 14:58 - 2014-11-22 01:04 - 001757052 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-01 14:58 - 2014-11-22 00:16 - 000744040 _____ C:\Windows\system32\perfh005.dat
2019-12-01 14:58 - 2014-11-22 00:16 - 000153154 _____ C:\Windows\system32\perfc005.dat
2019-12-01 14:58 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-12-01 14:53 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-01 14:47 - 2019-01-15 22:46 - 000003946 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EE7007E9-75E9-4AD4-A3C8-4AAA3835D24E}
2019-12-01 14:03 - 2018-12-11 22:45 - 000000000 ____D C:\Users\Pajas\AppData\Local\Google
2019-12-01 14:02 - 2018-12-11 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-01 13:57 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\VirtualStore
2019-12-01 13:54 - 2019-06-21 00:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-01 13:53 - 2018-12-11 23:17 - 000000000 ____D C:\Program Files\CCleaner
2019-12-01 13:17 - 2019-05-18 00:31 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-12-01 13:14 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-01 05:35 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas
2019-12-01 04:01 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-12-01 03:57 - 2018-12-11 22:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-01 03:34 - 2018-12-11 23:32 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-12-01 03:33 - 2018-12-11 23:33 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\Apple Computer
2019-12-01 03:28 - 2018-12-17 20:14 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\BSplayer
2019-12-01 03:27 - 2018-12-11 23:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-12-01 03:23 - 2018-12-13 01:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-12-01 03:23 - 2018-12-13 00:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-01 03:12 - 2019-03-15 02:10 - 000000000 ___RD C:\Users\Pajas\Dropbox
2019-12-01 03:11 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\Packages
2019-12-01 02:48 - 2018-12-15 06:05 - 001045504 ___SH C:\Users\Pajas\Downloads\Thumbs.db
2019-11-23 01:01 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2019-11-23 00:54 - 2018-12-13 00:43 - 000000000 ___RD C:\Users\Pajas\iCloudDrive
2019-11-23 00:50 - 2018-12-11 23:20 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\vlc
2019-11-20 23:19 - 2018-12-11 22:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-20 23:09 - 2013-08-22 15:44 - 005121616 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-20 02:23 - 2018-12-13 00:21 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-20 02:23 - 2018-12-11 22:44 - 000157059 ____H C:\Users\Pajas\AppData\Local\IconCache.db.backup
2019-11-20 02:23 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism
2019-11-18 21:25 - 2018-09-04 12:23 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000114136 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000077184 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-11-17 21:42 - 2018-12-15 06:56 - 000000600 _____ C:\Users\Pajas\AppData\Roaming\winscp.rnd
2019-11-16 22:16 - 2018-12-11 23:13 - 000025600 _____ C:\Users\Pajas\Documents\client.db
2019-11-14 05:38 - 2018-12-12 22:43 - 000000000 ____D C:\Windows\system32\MRT
2019-11-14 05:33 - 2018-12-12 22:43 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-14 04:48 - 2019-04-16 20:19 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-14 04:48 - 2019-04-16 20:19 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-14 03:48 - 2019-04-16 20:48 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2019-03-08 20:35 - 2019-03-29 15:25 - 000000132 _____ () C:\Users\Pajas\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-12-15 06:56 - 2019-11-17 21:42 - 000000600 _____ () C:\Users\Pajas\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-01 04:52
==================== End of FRST.txt ========================

[Pajas92]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by Pajas (01-12-2019 15:26:13)
Running from C:\Users\Pajas\Desktop
Windows 8.1 Pro N (Update) (X64) (2018-12-11 21:36:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1622553077-2020843845-1668786408-500 - Administrator - Disabled)
Guest (S-1-5-21-1622553077-2020843845-1668786408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1622553077-2020843845-1668786408-1003 - Limited - Enabled)
Pajas (S-1-5-21-1622553077-2020843845-1668786408-1001 - Administrator - Enabled) => C:\Users\Pajas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 13.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
iTunes (HKLM\...\{E109DA49-B4C0-4576-AC6C-7053C5782A61}) (Version: 12.10.2.3 - Apple Inc.)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32\...\{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11328.20468 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Red Alert 2 + Yuri's Revenge CZ (HKLM-x32\...\{A1FE85A6-F08F-4F71-A5F5-03AD8C4F4EED}) (Version: 5.1.6 - NOMINEE s.r.o.) Hidden
Služba Xperia Companion (HKLM\...\{034C1685-55DC-4C0F-A802-970803148AE0}) (Version: 2.4.3.0 - Sony) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xperia Companion (HKLM-x32\...\{C32507B2-D80A-45DD-8D31-31858292C91C}) (Version: 2.4.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{f7c475f1-4d2f-48c3-b5d1-6ffc35a6828a}) (Version: 2.4.3.0 - Sony)

Packages:
=========
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-11 22:41 - 2012-01-19 12:41 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-12-11 22:41 - 2012-01-19 12:37 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\sharepoint.com -> hxxps://unihk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-12-01 13:02 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pajas\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62A3930F-2458-43CF-90B0-A7D0F8F1FF69}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FA4A711-D34F-41DE-9DC1-96E39308BFEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B46F37DB-B085-47EF-A47A-804268066A51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{11A2687B-BB99-44E3-8966-0495D3401BDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43418EFB-7AE8-4742-8B6B-6C1E8A3BE69A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{583248CE-8382-466A-B7AE-81426FAE18F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{066A8FCB-8345-4576-8A54-C31FAC94C64C}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{4C44DD22-0FC0-46C0-A0EC-0F1FE24F9331}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EDC223D-F859-4BB9-8ECD-3D7BDDA4E95D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{962BFA40-E39C-4CA3-8994-87051DD57ED6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9619D785-9572-4F8E-8FE3-0477CF2F66B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E306ECF7-5528-4C91-A484-65A6676D1967}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FCC7C003-07EC-42BA-94B4-DC3C6A98BFDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-12-2019 13:47:08 End of disinfection

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/01/2019 06:42:52 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (12/01/2019 06:42:11 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (12/01/2019 06:42:11 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (12/01/2019 05:35:22 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (12/01/2019 04:52:53 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (12/01/2019 04:04:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/01/2019 03:33:52 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (12/01/2019 03:33:51 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.


System errors:
=============
Error: (12/01/2019 01:14:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/01/2019 01:14:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/01/2019 01:14:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/01/2019 01:14:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/01/2019 01:14:01 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (12/01/2019 06:43:50 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/01/2019 06:43:20 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/01/2019 04:53:52 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2018-12-11 22:47:24.178
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-12-11 22:44:40.136
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2018-12-11 22:33:17.739
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2019-12-01 03:21:53.538
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:51.287
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:48.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:46.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:43.021
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:38.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:33.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:29.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.65 02/13/2018
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 4030.36 MB
Available physical RAM: 2487.5 MB
Total Virtual: 6334.36 MB
Available Virtual: 4838.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.79 GB) (Free:390.38 GB) NTFS

\\?\Volume{513c97df-fd8c-11e8-9bf5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 6BE3A12F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Ahoj

Da sa povedat, ze pri 4 GB RAM je normalne, ze pri otvoreni viacerych kariet v prehliadaci bude vyssie vyuzitie RAM. Problem by sa dal ciastocne vyriesit rozsirenim RAM, tento notebook (HP 4530s) by mal mat jeden slot volny a mal by podporovat max. 8 GB RAM.

Logy vyzeraju OK co sa tyka malware, ale samozrejme mozeme precistit zbytocnosti.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[Pajas92]

Ahoj,

nechal jsem to zkontrolovat.

Zkusím tedy ještě objednat. Předpokládám, že tato by měla být OK.

https://www.czc.cz/kingston-4gb-drr3-13 ... 07/produkt, dohledal jsem dle: https://www.kingston.com/en/memory/sear ... odel=69597.


Určitě budu rád, když to alespoň pročistíme od zbytečností. Případně existuje nějaký návod, dle čeho tyto zbytečnosti rozpoznat z logu a nechat je "fixnout"? Abych to případně prošel na dalších zařízeních a nemusel časem zakládat další téma? Podle již vyřešených témat, které jsem si prošel jsem si všiml, že většinou se jedná například o "-> No File <==== ATTENTION", ale tolik se v tom nevyznám na co se zaměřit.

Děkuji


# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-02-2019
# Duration: 00:00:15
# OS: Windows 8.1 Pro N
# Scanned: 35225
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Conder]

RAMka by mala sediet, ale preistotu este stiahni stiahni program CPU-Z a posli screenshoty z karty Memory a SPD (pozriem aktualny RAM modul).

Poprosim o obidva nove logy z FRST.

Ak chces precistit viacero PC, tak kludne mozes zalozit aj viacero threadov naraz. Inak sice mas pravdu, ze "No File" alebo "ATTENTION" riadky sa vacsinou mazu, ale nemusi to vzdy platit. Viacmenej sa neodporuca robit vlastne fixlisty, ak si nie si isty, co dany riadok urobi alebo zmaze.

Ak by si ale nutne chcel nejaku bezpecnu alternativu pre vsetky PC, tak prikaz "EmptyTemp:" (na precistenie docasnych suborov a inych zbytocnosti) je bezpecny a aj pomerne ucinny. Vies o tomto prikaze mozes najst napr. tu, ak vies po anglicky: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

[Pajas92]

Dobře, přikládám výstřižky z aplikace.

Děkuji za návod - zkusím se tím pomalu "prokousat" a snad si z toho něco odnesu

Záložka MEMORY

memory.PNG (17.8 KiB) Zobrazeno 2143 x

[Pajas92]

Záložka - SPD

SPD.PNG (20.15 KiB) Zobrazeno 2141 x

[Pajas92]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-12-2019
Ran by Pajas (administrator) on PC (Hewlett-Packard HP ProBook 4530s) (03-12-2019 22:10:43)
Running from C:\Users\Pajas\Desktop
Loaded Profiles: Pajas (Available Profiles: Pajas)
Platform: Windows 8.1 Pro N (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-11-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2347872 2018-12-12] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {519e2169-91f5-11e9-9c1a-20107afb298b} - "D:\startme.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {70a97695-16e5-11e9-9c0c-20107afb298b} - "D:\LG_PC_Programs.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {afaced7a-a1b6-11e9-9c1b-20107afb298b} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-12-01] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A57539-231C-4C2E-BB4B-9EB559379754} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {084B134E-65E4-4076-8668-6D6D824163A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {198A59F8-ACCA-4E82-B723-7BB621CFA322} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [751920 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BBF6B38-CBE0-4C3E-8F80-EE0E7991BBC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {26234CB1-786F-4737-828D-D8ED7D0D720E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BB7F48A-85D7-40AF-A78B-3A9876D602C8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {50F4A26C-28EF-4A0B-8E8B-679D6A44556E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {57747616-F44D-49A6-A66A-98CE48885927} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {584EC15F-C136-45D8-8774-3DC3DE14DF6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-14] (Adobe Inc. -> Adobe)
Task: {7E68F4BF-DABE-4F41-AB57-9018838DC222} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {888665B0-A7AD-4A33-ABEF-A5BEB7FD0963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {A3C5CDE0-71E5-4A57-9210-5FDEF15734EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58} - System32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470} => C:\Windows\system32\pcalua.exe -a C:\Users\Pajas\Desktop\zoek.exe -d C:\Users\Pajas\Desktop
Task: {C87DB1E3-71D0-4846-BB06-856749E17D74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D38D15A7-A3FA-4FBB-906B-FEF5FE4A8BE4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-14] (Adobe Inc. -> Adobe)
Task: {DA7B1334-D37E-4DE1-BC20-A3428AC4AFA1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89F7D101-2C0C-45B9-8A85-1FB411819394}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1622553077-2020843845-1668786408-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: p6tec7ak.default
FF ProfilePath: C:\Users\Pajas\AppData\Roaming\Mozilla\Firefox\Profiles\p6tec7ak.default [2019-12-01]
FF Homepage: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\p6tec7ak.default -> hxxps://www.tipsport.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default [2019-12-03]
CHR Extension: (Prezentace) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"cpuz149" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\cpuz149 => \??\C:\Windows\temp\cpuz149\cpuz149_x64.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156336 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191360 2018-12-12] (Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-18] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-18] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-11-18] (ESET, spol. s r.o. -> ESET)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2018-08-16] (Apple Inc.) [File not signed]
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]
S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-03 22:10 - 2019-12-03 22:11 - 000019284 _____ C:\Users\Pajas\Desktop\FRST.txt
2019-12-03 22:10 - 2019-12-03 22:10 - 000000000 ____D C:\FRST
2019-12-03 22:09 - 2019-12-03 22:10 - 002263040 _____ (Farbar) C:\Users\Pajas\Desktop\FRST64.exe
2019-12-03 22:01 - 2019-12-03 22:01 - 001892368 _____ (CPUID, Inc. ) C:\Users\Pajas\Downloads\cpu-z_1.90-en.exe
2019-12-03 22:01 - 2019-12-03 22:01 - 000000885 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-12-03 22:01 - 2019-12-03 22:01 - 000000885 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2019-12-03 22:01 - 2019-12-03 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-12-03 22:01 - 2019-12-03 22:01 - 000000000 ____D C:\Program Files\CPUID
2019-12-02 19:58 - 2019-12-02 19:59 - 000000000 ____D C:\AdwCleaner
2019-12-02 16:15 - 2019-12-02 16:15 - 000030661 _____ C:\Users\Pajas\Downloads\FRST_logy.rar
2019-12-01 16:05 - 2019-12-01 16:05 - 000165888 _____ C:\Users\Pajas\Downloads\T-Cleaner.exe
2019-12-01 15:40 - 2019-12-01 15:40 - 008218800 _____ (Malwarebytes) C:\Users\Pajas\Desktop\adwcleaner_8.0.0.exe
2019-12-01 14:50 - 2019-11-05 05:21 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-01 14:50 - 2019-10-27 00:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-01 14:03 - 2019-12-01 14:03 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-01 14:02 - 2019-12-01 14:08 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-01 14:02 - 2019-12-01 14:08 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-01 13:24 - 2019-12-01 13:44 - 001654729 _____ C:\Windows\ZAM.krnl.trace
2019-12-01 13:24 - 2019-12-01 13:44 - 000000000 ____D C:\Users\Pajas\AppData\Local\AMSDK
2019-12-01 13:24 - 2019-12-01 13:24 - 000000000 ____D C:\Users\Pajas\AppData\Local\Zemana
2019-12-01 13:22 - 2019-12-01 13:22 - 000000000 ____D C:\Users\Pajas\AppData\Local\cache
2019-12-01 13:16 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-12-01 13:00 - 2019-12-01 13:00 - 000003096 _____ C:\Windows\system32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470}
2019-12-01 04:55 - 2019-12-01 05:54 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2019-12-01 04:54 - 2019-12-01 05:41 - 000000000 ____D C:\ProgramData\RogueKiller
2019-12-01 04:21 - 2019-12-01 04:21 - 000000000 ____D C:\ProgramData\Sophos
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbamtray
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbam
2019-12-01 04:07 - 2019-12-01 04:07 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-01 04:06 - 2019-12-01 04:06 - 001883976 _____ (Malwarebytes) C:\Users\Pajas\Downloads\MBSetup.exe
2019-12-01 04:02 - 2019-12-01 04:02 - 000000000 ____D C:\Users\Pajas\AppData\Local\Adobe
2019-11-19 23:28 - 2019-11-19 23:28 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2019-11-13 14:05 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-13 14:05 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-13 14:05 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-13 14:05 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-13 14:05 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-13 14:05 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-13 14:05 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-13 14:05 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-13 14:05 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-13 14:05 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-13 14:05 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-13 14:05 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-13 14:05 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-13 14:05 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-13 14:05 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-13 14:05 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-13 14:05 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-13 14:05 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-13 14:05 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-13 14:05 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-13 14:05 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 14:05 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-13 14:05 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-13 14:05 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-13 14:05 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-13 14:05 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-13 14:05 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-13 14:05 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-13 14:05 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-13 14:05 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-13 14:05 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-13 14:05 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-13 14:05 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-13 14:05 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-13 14:05 - 2019-09-27 19:14 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-13 14:05 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-13 14:05 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-13 14:05 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-13 14:05 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-13 14:05 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-13 14:05 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2019-11-13 14:05 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2019-11-13 14:05 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-11-13 14:05 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-13 14:05 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2019-11-13 14:05 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-13 14:05 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-11-13 14:05 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2019-11-13 14:05 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2019-11-13 14:05 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-11-13 14:05 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2019-11-13 14:05 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2019-11-13 14:05 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-13 14:05 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-13 14:05 - 2019-09-07 16:09 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-13 14:05 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-10 17:28 - 2019-12-01 03:56 - 000000000 ____D C:\Windows\Minidump
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\ProgramData\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iPod
2019-11-06 14:22 - 2019-11-06 14:23 - 000000000 ____D C:\Users\Pajas\AppData\Local\TeamViewer
2019-11-06 14:21 - 2019-12-01 16:31 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-11-06 14:21 - 2019-11-06 14:21 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\TeamViewer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-03 22:07 - 2018-12-11 22:41 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1622553077-2020843845-1668786408-1001
2019-12-03 22:03 - 2018-12-11 23:39 - 000815104 ___SH C:\Users\Pajas\Desktop\Thumbs.db
2019-12-03 16:25 - 2019-01-15 22:46 - 000003946 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EE7007E9-75E9-4AD4-A3C8-4AAA3835D24E}
2019-12-02 16:17 - 2018-12-11 23:13 - 000025600 _____ C:\Users\Pajas\Documents\client.db
2019-12-01 17:38 - 2014-11-22 01:04 - 001757052 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-01 17:38 - 2014-11-22 00:16 - 000744040 _____ C:\Windows\system32\perfh005.dat
2019-12-01 17:38 - 2014-11-22 00:16 - 000153154 _____ C:\Windows\system32\perfc005.dat
2019-12-01 17:38 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-12-01 16:31 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-01 16:06 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas
2019-12-01 16:06 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-12-01 14:03 - 2018-12-11 22:45 - 000000000 ____D C:\Users\Pajas\AppData\Local\Google
2019-12-01 14:02 - 2018-12-11 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-01 13:57 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\VirtualStore
2019-12-01 13:54 - 2019-06-21 00:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-01 13:53 - 2018-12-11 23:17 - 000000000 ____D C:\Program Files\CCleaner
2019-12-01 13:17 - 2019-05-18 00:31 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-12-01 13:14 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-01 04:01 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-12-01 03:57 - 2018-12-11 22:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-01 03:34 - 2018-12-11 23:32 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-12-01 03:33 - 2018-12-11 23:33 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\Apple Computer
2019-12-01 03:28 - 2018-12-17 20:14 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\BSplayer
2019-12-01 03:27 - 2018-12-11 23:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-12-01 03:23 - 2018-12-13 01:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-12-01 03:23 - 2018-12-13 00:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-01 03:12 - 2019-03-15 02:10 - 000000000 ___RD C:\Users\Pajas\Dropbox
2019-12-01 03:11 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\Packages
2019-12-01 02:48 - 2018-12-15 06:05 - 001045504 ___SH C:\Users\Pajas\Downloads\Thumbs.db
2019-11-23 01:01 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2019-11-23 00:54 - 2018-12-13 00:43 - 000000000 ___RD C:\Users\Pajas\iCloudDrive
2019-11-23 00:50 - 2018-12-11 23:20 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\vlc
2019-11-20 23:19 - 2018-12-11 22:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-20 23:09 - 2013-08-22 15:44 - 005121616 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-20 02:23 - 2018-12-13 00:21 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-20 02:23 - 2018-12-11 22:44 - 000157059 ____H C:\Users\Pajas\AppData\Local\IconCache.db.backup
2019-11-20 02:23 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism
2019-11-18 21:25 - 2018-09-04 12:23 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000114136 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000077184 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-11-17 21:42 - 2018-12-15 06:56 - 000000600 _____ C:\Users\Pajas\AppData\Roaming\winscp.rnd
2019-11-14 05:38 - 2018-12-12 22:43 - 000000000 ____D C:\Windows\system32\MRT
2019-11-14 05:33 - 2018-12-12 22:43 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-14 04:48 - 2019-04-16 20:19 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-14 04:48 - 2019-04-16 20:19 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-14 03:48 - 2019-04-16 20:48 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2019-03-08 20:35 - 2019-03-29 15:25 - 000000132 _____ () C:\Users\Pajas\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-12-15 06:56 - 2019-11-17 21:42 - 000000600 _____ () C:\Users\Pajas\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-01 04:52
==================== End of FRST.txt ========================

[Pajas92]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-12-2019
Ran by Pajas (03-12-2019 22:11:37)
Running from C:\Users\Pajas\Desktop
Windows 8.1 Pro N (Update) (X64) (2018-12-11 21:36:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1622553077-2020843845-1668786408-500 - Administrator - Disabled)
Guest (S-1-5-21-1622553077-2020843845-1668786408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1622553077-2020843845-1668786408-1003 - Limited - Enabled)
Pajas (S-1-5-21-1622553077-2020843845-1668786408-1001 - Administrator - Enabled) => C:\Users\Pajas

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
ESET Security (HKLM\...\{0813F772-F554-4DA9-9CEA-ABCE6321BDFD}) (Version: 13.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
iTunes (HKLM\...\{E109DA49-B4C0-4576-AC6C-7053C5782A61}) (Version: 12.10.2.3 - Apple Inc.)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Microsoft .NET Core SDK - 2.1.202 (x64) (HKLM-x32\...\{06b884b0-4947-4439-859f-098e431012d6}) (Version: 2.1.202 - Microsoft Corporation)
Microsoft .NET Core SDK 2.1.502 (x64) (HKLM-x32\...\{6e700b89-6f3c-4dff-b957-44b77c8a4b0e}) (Version: 2.1.502 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11328.20468 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20468 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{BED24701-751B-41C5-8888-A8EABAB9FE8C}) (Version: 8.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{88F21C94-88AF-4665-AF4F-FECB1FA059B9}) (Version: 8.1 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Red Alert 2 + Yuri's Revenge CZ (HKLM-x32\...\{A1FE85A6-F08F-4F71-A5F5-03AD8C4F4EED}) (Version: 5.1.6 - NOMINEE s.r.o.) Hidden
Služba Xperia Companion (HKLM\...\{034C1685-55DC-4C0F-A802-970803148AE0}) (Version: 2.4.3.0 - Sony) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xperia Companion (HKLM-x32\...\{C32507B2-D80A-45DD-8D31-31858292C91C}) (Version: 2.4.3.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{f7c475f1-4d2f-48c3-b5d1-6ffc35a6828a}) (Version: 2.4.3.0 - Sony)

Packages:
=========
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2018-12-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-18] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-12-11 22:41 - 2012-01-19 12:41 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2018-12-11 22:41 - 2012-01-19 12:37 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\sharepoint.com -> hxxps://unihk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-12-01 13:02 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pajas\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62A3930F-2458-43CF-90B0-A7D0F8F1FF69}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8FA4A711-D34F-41DE-9DC1-96E39308BFEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B46F37DB-B085-47EF-A47A-804268066A51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{11A2687B-BB99-44E3-8966-0495D3401BDA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{43418EFB-7AE8-4742-8B6B-6C1E8A3BE69A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{583248CE-8382-466A-B7AE-81426FAE18F0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{066A8FCB-8345-4576-8A54-C31FAC94C64C}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony)
FirewallRules: [{4C44DD22-0FC0-46C0-A0EC-0F1FE24F9331}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0EDC223D-F859-4BB9-8ECD-3D7BDDA4E95D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{962BFA40-E39C-4CA3-8994-87051DD57ED6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9619D785-9572-4F8E-8FE3-0477CF2F66B2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E306ECF7-5528-4C91-A484-65A6676D1967}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FCC7C003-07EC-42BA-94B4-DC3C6A98BFDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-12-2019 13:47:08 End of disinfection

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/03/2019 05:26:30 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/02/2019 09:43:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (12/02/2019 02:06:49 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/01/2019 06:42:52 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (12/01/2019 06:42:11 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (12/01/2019 06:42:11 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (12/01/2019 05:35:22 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (12/01/2019 04:52:53 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek Rezervováno systémem nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).


System errors:
=============
Error: (12/03/2019 05:39:47 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/03/2019 05:39:17 AM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/02/2019 09:43:58 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/02/2019 09:43:28 PM) (Source: DCOM) (EventID: 10010) (User: PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/01/2019 03:44:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/01/2019 03:44:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/01/2019 03:44:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Xperia Companion byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/01/2019 01:14:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
===================================
Date: 2018-12-11 22:47:24.178
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2018-12-11 22:44:40.136
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2018-12-11 22:33:17.739
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2019-12-01 03:21:53.538
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:51.287
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:48.881
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:46.373
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:43.021
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:38.907
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:33.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-12-01 03:21:29.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.65 02/13/2018
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 41%
Total physical RAM: 4030.36 MB
Available physical RAM: 2364.59 MB
Total Virtual: 6334.36 MB
Available Virtual: 4803.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.79 GB) (Free:389.62 GB) NTFS

\\?\Volume{513c97df-fd8c-11e8-9bf5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 6BE3A12F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Vybrana RAM by mala byt kompatibilna.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {519e2169-91f5-11e9-9c1a-20107afb298b} - "D:\startme.exe" 
  HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {70a97695-16e5-11e9-9c0c-20107afb298b} - "D:\LG_PC_Programs.exe" 
  HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {afaced7a-a1b6-11e9-9c1b-20107afb298b} - "D:\HiSuiteDownLoader.exe" 
  Task: {C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58} - System32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470} => C:\Windows\system32\pcalua.exe -a C:\Users\Pajas\Desktop\zoek.exe -d C:\Users\Pajas\Desktop
  U5 cpuz149;
  S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
  S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
  S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
  S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
  S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
  S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]
  S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]
  2019-12-01 13:24 - 2019-12-01 13:44 - 001654729 _____ C:\Windows\ZAM.krnl.trace
  2019-12-01 13:24 - 2019-12-01 13:44 - 000000000 ____D C:\Users\Pajas\AppData\Local\AMSDK
  2019-12-01 13:24 - 2019-12-01 13:24 - 000000000 ____D C:\Users\Pajas\AppData\Local\Zemana
  2019-12-01 13:22 - 2019-12-01 13:22 - 000000000 ____D C:\Users\Pajas\AppData\Local\cache
  2019-12-01 13:16 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
  ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
  HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Pajas92]

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2019
Ran by Pajas (04-12-2019 20:40:04) Run:1
Running from C:\Users\Pajas\Desktop
Loaded Profiles: Pajas (Available Profiles: Pajas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {519e2169-91f5-11e9-9c1a-20107afb298b} - "D:\startme.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {70a97695-16e5-11e9-9c0c-20107afb298b} - "D:\LG_PC_Programs.exe"
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\MountPoints2: {afaced7a-a1b6-11e9-9c1b-20107afb298b} - "D:\HiSuiteDownLoader.exe"
Task: {C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58} - System32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470} => C:\Windows\system32\pcalua.exe -a C:\Users\Pajas\Desktop\zoek.exe -d C:\Users\Pajas\Desktop
U5 cpuz149;
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
S3 SPUVCbv; \SystemRoot\System32\Drivers\SPUVCbv_x64.sys [X]
S3 STHDA; \SystemRoot\system32\DRIVERS\stwrt64.sys [X]
2019-12-01 13:24 - 2019-12-01 13:44 - 001654729 _____ C:\Windows\ZAM.krnl.trace
2019-12-01 13:24 - 2019-12-01 13:44 - 000000000 ____D C:\Users\Pajas\AppData\Local\AMSDK
2019-12-01 13:24 - 2019-12-01 13:24 - 000000000 ____D C:\Users\Pajas\AppData\Local\Zemana
2019-12-01 13:22 - 2019-12-01 13:22 - 000000000 ____D C:\Users\Pajas\AppData\Local\cache
2019-12-01 13:16 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 2769
Average :
Sum : 9999890623
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{519e2169-91f5-11e9-9c1a-20107afb298b} => removed successfully
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{70a97695-16e5-11e9-9c0c-20107afb298b} => removed successfully
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{afaced7a-a1b6-11e9-9c1b-20107afb298b} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4C9FA15-B43E-4D93-8FF2-0FA1814A2A58}" => removed successfully
C:\Windows\System32\Tasks\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2853C09D-CE6E-46FC-B6EB-9F70C7DAE470}" => removed successfully
cpuz149 => service not found.
HKLM\System\CurrentControlSet\Services\amsdk => removed successfully
amsdk => service removed successfully
HKLM\System\CurrentControlSet\Services\AndnetBus => removed successfully
AndnetBus => service removed successfully
HKLM\System\CurrentControlSet\Services\AndNetDiag => removed successfully
AndNetDiag => service removed successfully
HKLM\System\CurrentControlSet\Services\ANDNetModem => removed successfully
ANDNetModem => service removed successfully
HKLM\System\CurrentControlSet\Services\cpuz148 => removed successfully
cpuz148 => service removed successfully
HKLM\System\CurrentControlSet\Services\SPUVCbv => removed successfully
SPUVCbv => service removed successfully
HKLM\System\CurrentControlSet\Services\STHDA => removed successfully
STHDA => service removed successfully
C:\Windows\ZAM.krnl.trace => moved successfully
C:\Users\Pajas\AppData\Local\AMSDK => moved successfully
C:\Users\Pajas\AppData\Local\Zemana => moved successfully
C:\Users\Pajas\AppData\Local\cache => moved successfully
C:\Windows\zoek-delete.exe => moved successfully
HKU\.DEFAULT\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 118452155 B
Java, Flash, Steam htmlcache => 32532052 B
Windows/system/drivers => 1191771 B
Edge => 0 B
Chrome => 371664533 B
Firefox => 229708 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 5884 B
NetworkService => 5884 B
Pajas => 48905398 B

RecycleBin => 16756372298 B
EmptyTemp: => 16.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:40:29 ====

[Pajas92]

Dobře, díky za kontrolu objednám ji a snad to bude v pořádku.

Mám doma dvě ramky, ale ty mi budou asi v tomto případě k ničemu.

1) Kingstone 8GB 1Rx8 PC4-2666V-SA1-11

2) 2x Samsung 2GB 1Rx8 PC3-10600S-09-11-B2

Dostal jsem je a podle informací co jsem dohledal na internetu budou asi z Dell notebooků.

Jinak díky za kontrolu logu a vymazání zbytečností.

[Conder]

Ta prva RAM je DDR4, takze ta nebude fungovat v tomto notebooku. Ta druha by uz fungovat mala, je to DDR3 RAM. Ale kedze v notebooku je je len 1 volny slot na RAM, tak sa viac oplati kupit 4 GB.

Ak uz nie su ziadne problemy s PC, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

[Pajas92]

Nevím proč, ale z ničeho nic mi přestala fungovat myš. Otestoval jsem USB porty a nejde ani jeden v celém ntb. Vyzkoušel jsem Flash disk, externí HDD, jinou myš,..

Koukl jsem do "Správce zařízení".

PC.PNG (36.8 KiB) Zobrazeno 2091 x

Na stránkách výrobce jsem stáhl ovladače pro čipset, ale nepomohlo. Ovladače jsem ve správci odinstaloval a znovu aktualizoval, nepomohlo.

Přikládám i log s FRST.

[Pajas92]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2019 01
Ran by Pajas (administrator) on PC (Hewlett-Packard HP ProBook 4530s) (05-12-2019 15:46:17)
Running from C:\Users\Pajas\Desktop
Loaded Profiles: Pajas (Available Profiles: Pajas)
Platform: Windows 8.1 Pro N (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180736 2019-11-18] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-10-25] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2347872 2018-12-12] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-12-01] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A57539-231C-4C2E-BB4B-9EB559379754} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {05597608-7476-4EA2-9D05-155848FC0112} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-10-14] (HP Inc. -> HP Inc.)
Task: {084B134E-65E4-4076-8668-6D6D824163A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {18A6E983-C1DD-404D-B86A-BC132B6DF37A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {198A59F8-ACCA-4E82-B723-7BB621CFA322} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [751920 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BBF6B38-CBE0-4C3E-8F80-EE0E7991BBC3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {26234CB1-786F-4737-828D-D8ED7D0D720E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B7DAB4F-AC5C-4C09-B26A-A870A58CF14D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {2BB7F48A-85D7-40AF-A78B-3A9876D602C8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1397144 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AED7179-3709-4386-9D5C-7EA52882148A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {4BF5075E-18A1-4BD2-8C97-D8B176B518F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-10-14] (HP Inc. -> HP Inc.)
Task: {50F4A26C-28EF-4A0B-8E8B-679D6A44556E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {57747616-F44D-49A6-A66A-98CE48885927} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26042680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {584EC15F-C136-45D8-8774-3DC3DE14DF6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-14] (Adobe Inc. -> Adobe)
Task: {7E68F4BF-DABE-4F41-AB57-9018838DC222} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [97016 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {888665B0-A7AD-4A33-ABEF-A5BEB7FD0963} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {A3C5CDE0-71E5-4A57-9210-5FDEF15734EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2019-12-01] (Google Inc -> Google Inc.)
Task: {C87DB1E3-71D0-4846-BB06-856749E17D74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4400528 2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {D38D15A7-A3FA-4FBB-906B-FEF5FE4A8BE4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-14] (Adobe Inc. -> Adobe)
Task: {DA7B1334-D37E-4DE1-BC20-A3428AC4AFA1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{89F7D101-2C0C-45B9-8A85-1FB411819394}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1622553077-2020843845-1668786408-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1622553077-2020843845-1668786408-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-11-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: p6tec7ak.default
FF ProfilePath: C:\Users\Pajas\AppData\Roaming\Mozilla\Firefox\Profiles\p6tec7ak.default [2019-12-05]
FF Homepage: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\p6tec7ak.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\p6tec7ak.default -> hxxps://www.tipsport.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-14] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-12-01] (Google Inc -> Google LLC)

Chrome:
=======
CHR Profile: C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default [2019-12-05]
CHR Extension: (Prezentace) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pajas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11156336 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
S2 DrvCovEx; C:\Windows\SysWOW64\DrvCovEx.exe [45056 2015-09-15] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2243136 2019-11-18] (ESET, spol. s r.o. -> ESET)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2191360 2018-12-12] (Sony) [File not signed]
S2 AcronisOSSReinstallSvc; "C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149944 2019-11-18] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [103264 2019-11-18] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [189512 2019-11-18] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50712 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [77184 2019-11-18] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [114136 2019-11-18] (ESET, spol. s r.o. -> ESET)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [342528 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 mpfilt; C:\Windows\SysWOW64\drivers\mpfilt.sys [10588 2010-06-13] () [File not signed]
S3 mpszfilt; C:\Windows\System32\DRIVERS\mpszfilt.sys [20632 2015-09-15] (AlcorMicro, Corp. -> Generic)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2018-08-16] (Apple Inc.) [File not signed]
S3 nusb3xhc; C:\Windows\system32\DRIVERS\nusb3xhc.sys [217600 2012-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-05 15:46 - 2019-12-05 15:46 - 000020852 _____ C:\Users\Pajas\Desktop\FRST.txt
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\2C0A
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0C0A
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0C04
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0816
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0804
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0424
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\041F
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\041E
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\041D
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\041B
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0419
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0416
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0415
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0414
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0413
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0412
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0411
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0410
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\040E
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\040D
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\040C
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\040B
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\040A
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0408
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0407
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0406
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0405
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0404
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Windows\system32\0401
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2019-12-05 15:43 - 2019-12-05 15:43 - 000000000 ____D C:\Program Files (x86)\Renesas Electronics
2019-12-05 15:42 - 2019-12-05 15:43 - 008904832 _____ (Hewlett-Packard Company ) C:\Users\Pajas\Downloads\sp54511.exe
2019-12-05 15:33 - 2019-12-05 15:33 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2019-12-05 15:32 - 2019-12-05 15:32 - 000000000 ____D C:\Users\Pajas\AppData\Local\HP
2019-12-05 15:32 - 2019-12-05 15:32 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-12-05 15:31 - 2019-12-05 15:43 - 000000000 ____D C:\SWSetup
2019-12-05 15:31 - 2019-12-05 15:31 - 010182016 _____ (Hewlitt-Packard Company ) C:\Users\Pajas\Downloads\sp64098.exe
2019-12-05 15:31 - 2019-12-05 15:31 - 003528096 _____ (Oleg N. Scherbakov) C:\Users\Pajas\Downloads\HPSupportSolutionsFramework-12.13.42.1.exe
2019-12-04 20:40 - 2019-12-05 15:29 - 000001144 _____ C:\Users\Pajas\Desktop\Fixlog.txt
2019-12-04 20:39 - 2019-12-05 15:28 - 000000000 ____D C:\Users\Pajas\Desktop\FRST-OlderVersion
2019-12-04 17:05 - 2019-12-04 20:37 - 000000000 ____D C:\Users\Pajas\Documents\Webshare_stažené soubory
2019-12-04 04:56 - 2019-12-04 04:56 - 000000000 ____D C:\Users\Pajas\AppData\Local\ElevatedDiagnostics
2019-12-04 04:49 - 2010-06-13 15:02 - 000010588 _____ C:\Windows\SysWOW64\Drivers\mpfilt.sys
2019-12-04 04:31 - 2015-09-15 12:47 - 000045056 ____N C:\Windows\SysWOW64\DrvCovEx.exe
2019-12-04 04:31 - 2015-09-15 12:47 - 000020632 _____ (Generic) C:\Windows\system32\Drivers\mpszfilt.sys
2019-12-04 04:14 - 2019-12-04 04:14 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-12-04 04:14 - 2019-12-04 04:14 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-12-04 04:14 - 2019-12-04 04:14 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-12-04 04:14 - 2019-12-04 04:14 - 000000834 _____ C:\ProgramData\Desktop\CCleaner.lnk
2019-12-04 04:14 - 2019-12-04 04:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-12-04 04:11 - 2019-12-04 04:11 - 000198944 _____ (Acronis) C:\Windows\system32\Drivers\snapman.sys
2019-12-03 22:10 - 2019-12-05 15:46 - 000000000 ____D C:\FRST
2019-12-03 22:09 - 2019-12-05 15:28 - 002263552 _____ (Farbar) C:\Users\Pajas\Desktop\FRST64.exe
2019-12-02 19:58 - 2019-12-02 19:59 - 000000000 ____D C:\AdwCleaner
2019-12-01 14:50 - 2019-11-05 05:21 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-12-01 14:50 - 2019-10-27 00:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-12-01 14:03 - 2019-12-01 14:03 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-01 14:03 - 2019-12-01 14:03 - 000002279 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-01 14:02 - 2019-12-01 14:08 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-01 14:02 - 2019-12-01 14:08 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-01 04:55 - 2019-12-01 05:54 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2019-12-01 04:54 - 2019-12-01 05:41 - 000000000 ____D C:\ProgramData\RogueKiller
2019-12-01 04:21 - 2019-12-01 04:21 - 000000000 ____D C:\ProgramData\Sophos
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbamtray
2019-12-01 04:18 - 2019-12-01 04:18 - 000000000 ____D C:\Users\Pajas\AppData\Local\mbam
2019-12-01 04:07 - 2019-12-01 04:07 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-01 04:02 - 2019-12-04 04:41 - 000000000 ____D C:\Users\Pajas\AppData\Local\Adobe
2019-11-19 23:28 - 2019-11-19 23:28 - 000000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2019-11-19 23:28 - 2019-11-19 23:28 - 000000971 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2019-11-13 14:05 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-13 14:05 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-13 14:05 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-11-13 14:05 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-13 14:05 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-13 14:05 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-13 14:05 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-13 14:05 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-13 14:05 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-13 14:05 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-13 14:05 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-11-13 14:05 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-13 14:05 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-13 14:05 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-13 14:05 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-13 14:05 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-13 14:05 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-13 14:05 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-13 14:05 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-13 14:05 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-13 14:05 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-13 14:05 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-13 14:05 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-13 14:05 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-13 14:05 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-13 14:05 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-13 14:05 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-13 14:05 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-13 14:05 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2019-11-13 14:05 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-13 14:05 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 14:05 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 14:05 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-13 14:05 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2019-11-13 14:05 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-13 14:05 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-13 14:05 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-13 14:05 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-13 14:05 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-13 14:05 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-13 14:05 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-13 14:05 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-13 14:05 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-13 14:05 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-13 14:05 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-13 14:05 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-13 14:05 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-13 14:05 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-13 14:05 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-13 14:05 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-13 14:05 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-13 14:05 - 2019-09-27 19:14 - 000220160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Vid.sys
2019-11-13 14:05 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-13 14:05 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-13 14:05 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-13 14:05 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-13 14:05 - 2019-09-25 05:18 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-13 14:05 - 2019-09-25 05:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-13 14:05 - 2019-09-19 07:21 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2019-11-13 14:05 - 2019-09-19 07:11 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2019-11-13 14:05 - 2019-09-19 07:10 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-11-13 14:05 - 2019-09-19 07:00 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2019-11-13 14:05 - 2019-09-19 06:59 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2019-11-13 14:05 - 2019-09-19 06:48 - 000475648 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2019-11-13 14:05 - 2019-09-19 06:26 - 000848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-11-13 14:05 - 2019-09-19 06:20 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\winsku.dll
2019-11-13 14:05 - 2019-09-19 06:16 - 000712192 _____ (Microsoft Corporation) C:\Windows\system32\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DismApi.dll
2019-11-13 14:05 - 2019-09-19 04:26 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsku.dll
2019-11-13 14:05 - 2019-09-12 23:46 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-11-13 14:05 - 2019-09-12 23:36 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2019-11-13 14:05 - 2019-09-12 23:25 - 000380928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2019-11-13 14:05 - 2019-09-10 22:34 - 000354544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2019-11-13 14:05 - 2019-09-07 16:18 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-13 14:05 - 2019-09-07 16:09 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-13 14:05 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2019-11-10 17:28 - 2019-12-01 03:56 - 000000000 ____D C:\Windows\Minidump
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000001759 _____ C:\ProgramData\Desktop\iTunes.lnk
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iTunes
2019-11-07 16:19 - 2019-11-07 16:19 - 000000000 ____D C:\Program Files\iPod
2019-11-06 14:22 - 2019-11-06 14:23 - 000000000 ____D C:\Users\Pajas\AppData\Local\TeamViewer
2019-11-06 14:21 - 2019-12-05 15:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-11-06 14:21 - 2019-11-06 14:21 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\TeamViewer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-05 15:45 - 2018-12-11 22:41 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1622553077-2020843845-1668786408-1001
2019-12-05 15:43 - 2018-12-11 22:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-12-05 15:43 - 2014-11-22 00:16 - 000000000 ____D C:\Windows\system32\0409
2019-12-05 15:43 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-12-05 15:40 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-05 15:40 - 2013-08-22 15:44 - 005121784 _____ C:\Windows\system32\FNTCACHE.DAT
2019-12-05 15:38 - 2018-12-11 23:39 - 000838144 ___SH C:\Users\Pajas\Desktop\Thumbs.db
2019-12-05 15:38 - 2014-11-22 01:04 - 001757052 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-05 15:38 - 2014-11-22 00:16 - 000744040 _____ C:\Windows\system32\perfh005.dat
2019-12-05 15:38 - 2014-11-22 00:16 - 000153154 _____ C:\Windows\system32\perfc005.dat
2019-12-05 15:33 - 2019-01-31 09:50 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-12-05 15:26 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas
2019-12-05 15:25 - 2019-01-15 22:46 - 000003946 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{EE7007E9-75E9-4AD4-A3C8-4AAA3835D24E}
2019-12-04 20:40 - 2019-02-26 15:23 - 000000000 ____D C:\Users\Pajas\AppData\LocalLow\Temp
2019-12-04 20:40 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-12-04 20:37 - 2018-12-11 23:13 - 000025600 _____ C:\Users\Pajas\Documents\client.db
2019-12-04 05:13 - 2019-05-18 00:31 - 000000412 __RSH C:\ProgramData\ntuser.pol
2019-12-04 05:07 - 2013-08-22 16:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2019-12-04 05:07 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2019-12-04 04:15 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\Packages
2019-12-04 04:15 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-04 04:15 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2019-12-04 04:14 - 2018-12-11 23:17 - 000000000 ____D C:\Program Files\CCleaner
2019-12-01 16:06 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2019-12-01 14:03 - 2018-12-11 22:45 - 000000000 ____D C:\Users\Pajas\AppData\Local\Google
2019-12-01 14:02 - 2018-12-11 22:45 - 000000000 ____D C:\Program Files (x86)\Google
2019-12-01 13:57 - 2018-12-11 22:36 - 000000000 ____D C:\Users\Pajas\AppData\Local\VirtualStore
2019-12-01 13:54 - 2019-06-21 00:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-12-01 03:34 - 2018-12-11 23:32 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-12-01 03:33 - 2018-12-11 23:33 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\Apple Computer
2019-12-01 03:28 - 2018-12-17 20:14 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\BSplayer
2019-12-01 03:27 - 2018-12-11 23:51 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2019-12-01 03:23 - 2018-12-13 01:16 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2019-12-01 03:23 - 2018-12-13 00:45 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-01 03:23 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-01 03:12 - 2019-03-15 02:10 - 000000000 ___RD C:\Users\Pajas\Dropbox
2019-12-01 02:48 - 2018-12-15 06:05 - 001045504 ___SH C:\Users\Pajas\Downloads\Thumbs.db
2019-11-23 01:01 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2019-11-23 00:54 - 2018-12-13 00:43 - 000000000 ___RD C:\Users\Pajas\iCloudDrive
2019-11-23 00:50 - 2018-12-11 23:20 - 000000000 ____D C:\Users\Pajas\AppData\Roaming\vlc
2019-11-20 23:19 - 2018-12-11 22:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-20 02:23 - 2018-12-13 00:21 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-20 02:23 - 2018-12-11 22:44 - 000157059 ____H C:\Users\Pajas\AppData\Local\IconCache.db.backup
2019-11-20 02:23 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\oobe
2019-11-20 02:23 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\system32\Dism
2019-11-18 21:25 - 2018-09-04 12:23 - 000189512 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000149944 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000114136 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000103264 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000077184 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-11-18 21:25 - 2018-09-04 12:23 - 000050712 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-11-17 21:42 - 2018-12-15 06:56 - 000000600 _____ C:\Users\Pajas\AppData\Roaming\winscp.rnd
2019-11-14 05:38 - 2018-12-12 22:43 - 000000000 ____D C:\Windows\system32\MRT
2019-11-14 05:33 - 2018-12-12 22:43 - 128443096 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-14 04:48 - 2019-04-16 20:19 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-14 04:48 - 2019-04-16 20:19 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-11-14 04:48 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-11-14 03:48 - 2019-04-16 20:48 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2019-03-08 20:35 - 2019-03-29 15:25 - 000000132 _____ () C:\Users\Pajas\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-12-15 06:56 - 2019-11-17 21:42 - 000000600 _____ () C:\Users\Pajas\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-12-01 04:52
==================== End of FRST.txt ========================