BRTSvc

[bonapart]

https://www.uschovna.cz/zasilka/UF7IEXHCC5PV7249-6MP

[bonapart]

pc je lepší už

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020 01
Ran by aaa (24-01-2020 09:18:16)
Running from C:\Users\aaa\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-09-23 17:35:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

aaa (S-1-5-21-2905597249-1629462600-326273939-1001 - Administrator - Enabled) => C:\Users\aaa
Administrator (S-1-5-21-2905597249-1629462600-326273939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905597249-1629462600-326273939-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2905597249-1629462600-326273939-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2905597249-1629462600-326273939-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2905597249-1629462600-326273939-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan Enterprise (Enabled - Up to date) {1006DC03-1FB1-9E52-7C81-F2FAB48962E3}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Software Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
ANTSvc version 1.0.0.0 (HKLM-x32\...\ANTSvc_is1) (Version: 1.0.0.0 - ANTSvc)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Components Setup (HKLM-x32\...\{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}) (Version: 1.00.0000 - Vimicro Corporation) Hidden
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
McAfee Agent (HKLM\...\{80684F9A-6B01-4F3F-A8C7-C4B7BDF072F1}) (Version: 5.0.6.220 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.013000 - McAfee, Inc.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NQuotes (HKLM-x32\...\NQuotes) (Version: 1.13 - Brainroom Ltd.)
oCam version 495.0 (HKLM-x32\...\oCam_is1) (Version: 495.0 - hxxp://ohsoft.net/)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Verdict Free) (Version: - )
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 1.9.6 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.6 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{BFA8868B-76A2-4B64-ADE2-76CF7E3E882D}) (Version: 9.9.5.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{144a144e-eecc-4102-bd8b-778664ebf53a}) (Version: 9.9.5.12 - Viber Media Inc.)
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zoom (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2007-03-13 10:28 - 2007-03-13 10:28 - 000823296 _____ () [File not signed] C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll
2016-12-02 22:00 - 2010-03-15 11:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-01-22 19:50 - 2010-09-26 20:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2018-01-22 19:50 - 2010-09-28 12:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2018-01-22 19:50 - 2010-06-21 15:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2018-01-22 19:50 - 2010-09-28 13:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2018-01-22 19:50 - 2010-06-21 15:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2018-01-22 19:51 - 2010-06-10 15:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2018-01-22 19:51 - 2010-05-18 17:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax
2019-08-15 17:52 - 2007-01-24 09:38 - 000130048 _____ (VSO Software SARL) [File not signed] C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2020-01-23 09:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A3518309-723E-4FB4-BC64-103B9708AA00}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4F05A4CF-5509-4268-AFB5-EB40A5D085B5}] => (Allow) C:\Program Files\Admiral Markets MT5\metatester64.exe (MetaQuotes Software Corp. -> MetaQuotes Software Corp.)
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [{41B55316-CCE3-4118-B69F-E04AC94C3D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BF260DAD-8FD3-43DB-B554-170AAA390C3A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{26C8ABBB-C5E4-4EE4-B2DA-5879EA24EA5D}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{43CC3079-FC02-4D11-8496-A0FA0795E7A4}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{917A3821-484C-4B61-8498-B89208B30163}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{8473AAD1-96D9-4CDB-8F8F-BB181A3D29D5}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [{715763F6-41A5-4747-BC3E-F5B246C53A5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-01-2020 19:11:06 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2020 09:05:59 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7392,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/24/2020 09:00:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 10:20:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 10:01:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8568,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:51:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4484,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:41:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5492,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:14:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1508,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:08:04 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.


System errors:
=============
Error: (01/23/2020 09:45:25 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1JNUR2R)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/23/2020 08:58:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/23/2020 08:58:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/23/2020 08:58:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/20/2020 10:43:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér výkonu rozhraní WMI neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.


Windows Defender:
===================================
Date: 2019-09-23 20:17:58.793
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2019-09-23T18:17:58.792Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 20:16:56.861
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCUpdate.exe provádění změn v paměti.
Čas detekce: 2019-09-23T18:16:56.861Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCUpdate.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 19:43:02.700
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2019-09-23T17:43:02.699Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 19:42:55.547
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCUpdate.exe provádění změn v paměti.
Čas detekce: 2019-09-23T17:42:55.547Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCUpdate.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-10-27 22:54:46.580
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.2094.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 02/06/2012
Motherboard: Gigabyte Technology Co., Ltd. H55M-D2H
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 61%
Total physical RAM: 3767.49 MB
Available physical RAM: 1432.44 MB
Total Virtual: 7812.26 MB
Available Virtual: 5047.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:348.1 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:416.5 GB) NTFS

\\?\Volume{f2781714-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f2781714-0000-0000-0000-80c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2781714)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=467 MB) - (Type=27)

==================== End of Addition.txt =======================

[bonapart]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01
Ran by aaa (administrator) on DESKTOP-1JNUR2R (ATComputers COMFOR DIABLO I65) (24-01-2020 09:05:08)
Running from C:\Users\aaa\Desktop
Loaded Profiles: aaa (Available Profiles: defaultuser0 & aaa)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [532184 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [326680 2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
Startup: C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2018-03-19]
ShortcutTarget: Telegram.lnk -> C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5FCEBB97-CE98-49DD-8688-3498F1C20BEB} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {6D6DC8DE-5295-4E49-B5D6-446344A4EC88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {71C37E72-5579-4A38-A6E8-566DD5108E9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {7BD8E00E-16CE-45E1-9ABA-33CED54E89D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {D0FC1248-F34A-4F28-AAB2-12AB5D5569C4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_pepper.exe [1453112 2020-01-18] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14b0b5df-90a9-4ebf-9aed-aaa7b8c0f122}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20190923202205.dll [2019-09-23] (McAfee, Inc. -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20190923202206.dll [2019-09-23] (McAfee, Inc. -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: (McAfee ScriptScan for Firefox) - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2019-09-23] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2905597249-1629462600-326273939-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\aaa\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-16] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://app.cryptokingdom.tech
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default [2020-01-24]
CHR DownloadDir: C:\Users\aaa\Desktop
CHR Extension: (Prezentace) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30]
CHR Extension: (Dokumenty) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-30]
CHR Extension: (Disk Google) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-30]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-30]
CHR Extension: (YouTube) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30]
CHR Extension: (Tabulky) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-30]
CHR Extension: (Chrome Media Router) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [121648 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [64384 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [223376 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [419792 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [320208 2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [376992 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [609920 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [542240 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-06-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [523336 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeaacsk; C:\WINDOWS\System32\drivers\mfeaacsk.sys [64048 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380976 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [109104 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86144 2019-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518192 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [91184 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [991792 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118320 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [126000 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254000 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-24 09:05 - 2020-01-24 09:08 - 000018160 _____ C:\Users\aaa\Desktop\FRST.txt
2020-01-23 09:01 - 2020-01-23 09:01 - 012410792 _____ C:\Users\aaa\Desktop\23.01.2020_09.01.35.zip
2020-01-23 08:58 - 2020-01-23 09:03 - 000010767 _____ C:\Users\aaa\Desktop\Fixlog.txt
2020-01-23 08:58 - 2020-01-23 08:58 - 000000000 ____D C:\Users\aaa\Desktop\FRST-OlderVersion
2020-01-20 22:37 - 2020-01-20 22:41 - 000000000 ____D C:\AdwCleaner
2020-01-20 22:15 - 2020-01-20 22:15 - 008237744 _____ (Malwarebytes) C:\Users\aaa\Desktop\adwcleaner_8.0.1.exe
2020-01-20 22:07 - 2020-01-21 08:56 - 000000000 ____D C:\Users\aaa\Desktop\Harmoniky 2
2020-01-20 20:59 - 2020-01-20 21:02 - 000003016 _____ C:\WINDOWS\system32\Tasks\oCamTask
2020-01-20 20:59 - 2020-01-20 21:02 - 000001020 _____ C:\Users\Public\Desktop\oCam.lnk
2020-01-20 20:59 - 2020-01-20 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\oCam
2020-01-20 20:58 - 2020-01-20 21:02 - 000000000 ____D C:\Program Files (x86)\oCam
2020-01-19 22:28 - 2020-01-24 09:07 - 000000000 ____D C:\FRST
2020-01-19 22:26 - 2020-01-23 08:58 - 002580480 _____ (Farbar) C:\Users\aaa\Desktop\FRST64.exe
2020-01-19 19:24 - 2020-01-19 23:12 - 2292236386 _____ C:\Users\aaa\Desktop\Lovci pokladů 2.avi
2020-01-17 20:05 - 2020-01-17 20:05 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-17 19:47 - 2020-01-17 19:47 - 000000000 ____D C:\Users\aaa\Documents\NeroVision
2020-01-17 19:14 - 2020-01-17 19:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-17 19:14 - 2020-01-17 19:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-16 19:02 - 2020-01-16 19:19 - 000000000 ____D C:\Users\aaa\Desktop\vypovědi
2020-01-13 21:49 - 2020-01-13 21:49 - 000000000 ____D C:\Users\aaa\Desktop\foto 2020
2020-01-13 21:31 - 2020-01-13 21:39 - 000000000 ____D C:\Users\aaa\Desktop\Nová složka
2020-01-12 17:41 - 2020-01-12 20:53 - 1710034809 _____ C:\Users\aaa\Desktop\Láska na vlásku - pohádka (2014).mp4
2020-01-08 21:04 - 2020-01-12 13:28 - 000000000 ____D C:\Users\aaa\Desktop\GP Kurz 2
2020-01-08 20:27 - 2020-01-08 20:27 - 000000010 _____ C:\Users\aaa\Desktop\mike heslo.txt
2020-01-05 22:17 - 2020-01-05 22:17 - 000000000 ____D C:\Users\aaa\Documents\inzeraty foto
2020-01-05 22:16 - 2020-01-05 22:16 - 000000000 ____D C:\Users\aaa\Desktop\inzeraty foto
2020-01-05 22:16 - 2020-01-05 22:16 - 000000000 ____D C:\Users\aaa\Desktop\inventura 2019
2020-01-03 22:03 - 2020-01-03 22:04 - 000000000 ____D C:\Program Files (x86)\YouTube Downloader
2020-01-03 22:03 - 2020-01-03 22:03 - 000001147 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Downloader.lnk
2019-12-25 23:14 - 2019-12-26 00:48 - 000000000 ____D C:\Users\aaa\Desktop\gott

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-24 09:09 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-24 08:52 - 2019-09-23 19:21 - 000002017 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
2020-01-24 08:52 - 2018-02-06 14:10 - 000000000 ____D C:\Users\aaa\AppData\Roaming\Telegram Desktop
2020-01-23 10:10 - 2017-09-12 17:44 - 000000000 ____D C:\Users\aaa\AppData\Roaming\vlc
2020-01-23 09:45 - 2019-09-09 15:47 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-23 09:45 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-23 09:05 - 2019-09-23 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-23 09:04 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-23 09:03 - 2017-08-22 18:52 - 000000000 ____D C:\Users\aaa\AppData\LocalLow\Temp
2020-01-22 21:53 - 2019-07-30 22:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 21:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-21 18:17 - 2019-09-23 18:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 08:09 - 2017-07-29 12:22 - 000000000 ____D C:\Users\aaa\Desktop\NAINSTALOVANO
2020-01-20 22:44 - 2018-03-25 11:44 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-19 21:51 - 2018-03-25 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-19 21:49 - 2018-03-25 11:45 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-19 19:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-19 18:15 - 2019-09-23 18:34 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905597249-1629462600-326273939-1001
2020-01-19 18:14 - 2019-09-23 18:16 - 000002400 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 18:14 - 2016-12-02 21:53 - 000000000 ___RD C:\Users\aaa\OneDrive
2020-01-18 18:50 - 2017-08-02 12:17 - 000000000 ____D C:\Users\aaa\AppData\Local\Adobe
2020-01-18 18:49 - 2019-09-23 18:34 - 000004662 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-18 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-18 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-17 23:30 - 2019-03-19 05:37 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2020-01-17 23:29 - 2019-09-23 18:09 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-17 20:26 - 2016-12-02 23:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-17 20:13 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-17 20:13 - 2016-12-02 23:25 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 19:03 - 2017-09-04 09:22 - 000000000 ____D C:\Users\aaa\Desktop\AA XP
2020-01-12 12:01 - 2019-01-29 05:01 - 000000000 ____D C:\Users\aaa\Downloads\Telegram Desktop
2020-01-09 21:27 - 2019-12-16 20:08 - 000000000 ____D C:\Users\aaa\Desktop\GP Kurz 1
2020-01-08 20:33 - 2019-10-20 19:37 - 000000000 ____D C:\Users\aaa\Desktop\videa z tel
2020-01-07 13:59 - 2017-07-30 16:41 - 000000000 ____D C:\Users\aaa\Desktop\Marie Tatrnová
2020-01-06 10:01 - 2019-01-13 12:17 - 000000000 ____D C:\Users\aaa\AppData\Roaming\ViberPC
2020-01-06 10:00 - 2019-01-13 12:18 - 000000000 ____D C:\Users\aaa\Documents\ViberDownloads
2020-01-05 22:18 - 2017-06-15 08:05 - 000000000 ____D C:\Users\aaa\Desktop\AAA DOKUMENTY
2020-01-05 17:48 - 2018-10-29 20:09 - 000000000 ____D C:\Users\aaa\Desktop\Serialy
2020-01-03 22:03 - 2017-08-11 20:45 - 000000000 ___RD C:\Users\aaa\Desktop\NÁSTROJE
2019-12-30 20:37 - 2019-03-12 17:53 - 000000000 ____D C:\Users\aaa\Desktop\foto 2019
2019-12-27 20:12 - 2019-12-13 21:47 - 000000000 ____D C:\Users\aaa\Desktop\Martin viděno
2019-12-26 13:10 - 2018-04-16 16:47 - 000000000 ____D C:\Users\aaa\Desktop\JÍDELÁK 2018

==================== Files in the root of some directories ========

2019-05-28 10:03 - 2019-06-23 18:51 - 000004608 _____ () C:\Users\aaa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-13 20:20 - 2017-09-13 20:20 - 000000017 _____ () C:\Users\aaa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[JaRon]

len otazocka:
Cistil si uz plochu velkost adresara plocha by nemala presahovat 1GB

[bonapart]

Jj, vim na ploše toho mam opravdu hodně , přesunu to na C a udělám zastupce na plochu. Bude to tak OK?

[JaRon]

ano bude to OK
nadmerna velkost adresara plocha extremne spomaluje PC, hlavne nabeh

[Conder]

Posledne logy uz vyzeraju tiez OK

Ak uz teda nie su ziadne problemy, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

[bonapart]

děkuji moc za pomoc, posli mi pls ješte odkaz na přispění pro forum, diky Milan

[Conder]

Nie je zaco, radi sme pomohli (aj za kolegu) Za prispevok na forum dakujeme, prispiet je mozne tu: https://platba.viry.cz/payment/