VIRY.CZ

https://www.uschovna.cz/zasilka/UF7IEXHCC5PV7249-6MP

pc je lepší už

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2020 01
Ran by aaa (24-01-2020 09:18:16)
Running from C:\Users\aaa\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-09-23 17:35:39)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

aaa (S-1-5-21-2905597249-1629462600-326273939-1001 - Administrator - Enabled) => C:\Users\aaa
Administrator (S-1-5-21-2905597249-1629462600-326273939-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2905597249-1629462600-326273939-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2905597249-1629462600-326273939-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2905597249-1629462600-326273939-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2905597249-1629462600-326273939-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee VirusScan Enterprise (Enabled - Up to date) {1006DC03-1FB1-9E52-7C81-F2FAB48962E3}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Admiral Markets MT5 (HKLM\...\Admiral Markets MT5) (Version: 5.00 - MetaQuotes Software Corp.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.314 - Adobe)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{8E9DB7EF-5DD3-499E-BA2A-A1F3153A4DF8}) (Version: 9.0.115.0 - Adobe Systems, Inc.)
ANTSvc version 1.0.0.0 (HKLM-x32\...\ANTSvc_is1) (Version: 1.0.0.0 - ANTSvc)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Components Setup (HKLM-x32\...\{31187E06-E131-4709-9285-7D105D77AA89}) (Version: 1.00.0000 - Vimicro Corporation)
Components Setup (HKLM-x32\...\{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}) (Version: 1.00.0000 - Vimicro Corporation) Hidden
Easy CD-DA Extractor 16 (HKLM-x32\...\Easy CD-DA Extractor 16) (Version: 16.0.9 - Poikosoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
IM Magician (HKLM-x32\...\{A5742726-2180-4253-83A7-53558486A7A2}) (Version: 1.00.0001 - Vimisoft Studio)
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
McAfee Agent (HKLM\...\{80684F9A-6B01-4F3F-A8C7-C4B7BDF072F1}) (Version: 5.0.6.220 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.013000 - McAfee, Inc.)
MediaInfo 18.05 (HKLM\...\MediaInfo) (Version: 18.05 - MediaArea.net)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1029}) (Version: 8.0.182 - Nero AG)
NQuotes (HKLM-x32\...\NQuotes) (Version: 1.13 - Brainroom Ltd.)
oCam version 495.0 (HKLM-x32\...\oCam_is1) (Version: 495.0 - hxxp://ohsoft.net/)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Slovník Verdict Free (a internetový překladač) (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Verdict Free) (Version: - )
Sonic Foundry Sound Forge 6.0a (HKLM-x32\...\{6CDC68BB-C997-4ADC-9BA0-6293FB88521E}) (Version: 6.0.150 - Sonic Foundry)
Telegram Desktop version 1.9.6 (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.6 - Telegram FZ-LLC)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{C4BE7550-ECE1-417D-A787-01266DC1F5A6}) (Version: 1.22.0.0 - Microsoft Corporation) Hidden
Viber (HKLM-x32\...\{BFA8868B-76A2-4B64-ADE2-76CF7E3E882D}) (Version: 9.9.5.12 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\{144a144e-eecc-4102-bd8b-778664ebf53a}) (Version: 9.9.5.12 - Viber Media Inc.)
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.1.9.7 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSO Image Resizer 1.3.4d (HKLM-x32\...\VSO Image Resizer_is1) (Version: 1.3.4d - VSO-Software)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Xilisoft Video Converter Ultimate (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 7.0.1.1219 - Xilisoft)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zoom (HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.14.105.0_x64__8wekyb3d8bbwe [2019-12-21] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-08-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2012-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ImageResizer] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll [2007-01-24] (VSO Software SARL) [File not signed]
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [VirusScan] -> {cda2863e-2497-4c49-9b89-06840e070a87} => C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\shext.dll [2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\WINDOWS\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2007-03-13 10:28 - 2007-03-13 10:28 - 000823296 _____ () [File not signed] C:\Program Files (x86)\Common Files\Nero\Lib\log4cxx.dll
2016-12-02 22:00 - 2010-03-15 11:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2018-01-22 19:50 - 2010-09-26 20:31 - 000073728 ____R (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\exvmuvc.ax
2018-01-22 19:50 - 2010-09-28 12:04 - 000081920 _____ (Vimicro Corporation) [File not signed] C:\Program Files (x86)\Common Files\Vimisoft Studio\VmicCommonIR.dll
2018-01-22 19:50 - 2010-06-21 15:56 - 000077824 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\FlydCamCtrl.dll
2018-01-22 19:50 - 2010-09-28 13:43 - 000147456 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\Plugins\immirrc.dll
2018-01-22 19:50 - 2010-06-21 15:56 - 000073728 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\TiaDecFac.dll
2018-01-22 19:51 - 2010-06-10 15:10 - 000081920 _____ (VimiSoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydblapl.ax
2018-01-22 19:51 - 2010-05-18 17:23 - 000196608 _____ (Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vflydcam.ax
2019-08-15 17:52 - 2007-01-24 09:38 - 000130048 _____ (VSO Software SARL) [File not signed] C:\Program Files (x86)\VSO\Image Resizer\RSZShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2020-01-23 09:01 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A3518309-723E-4FB4-BC64-103B9708AA00}] => (Allow) C:\Users\aaa\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4F05A4CF-5509-4268-AFB5-EB40A5D085B5}] => (Allow) C:\Program Files\Admiral Markets MT5\metatester64.exe (MetaQuotes Software Corp. -> MetaQuotes Software Corp.)
FirewallRules: [UDP Query User{523EC6D2-0E8A-4FB8-A508-A795F55E382E}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [TCP Query User{79C32572-946E-48CF-90CA-B64E7CB95191}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [UDP Query User{FB12E5DD-F9AA-4DE2-93FA-8C265F94DDF3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BB9736D6-BA41-4001-BBDB-81FF6FA7A576}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AFC98497-7732-4BEC-BB8E-B08871DBCA2C}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{28C31ACC-F509-44A6-AC1F-D9B690F335E6}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{0E8A3579-2D1D-4BB9-BA79-BCBB4B828C2B}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{29DBEAF4-1771-4F6C-9FD8-77F5F381E08F}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{1D6A71AF-1ADE-46D9-A1F6-FA5F8BF89B33}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{99D1E8FB-AAD8-40F0-8EF9-6EE8BD5CA390}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe No File
FirewallRules: [{8155F672-63A1-49F9-896E-9511CA903A65}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{142A2E18-D95F-4C53-AA9D-2CB997F46C1E}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{C9DC3E7B-2870-4617-AB22-AB93F6314765}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [{68EF71F6-AF14-41F2-B131-F7B442CBE9E8}] => (Allow) C:\Program Files (x86)\McAfee\Common Framework\macmnsvc.exe No File
FirewallRules: [TCP Query User{0390A106-3AF7-4363-A748-3F4455E14EF7}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [UDP Query User{6444DB01-25D1-45AD-9905-8D634C3A9362}C:\program files (x86)\videoviewer\videoviewer.exe] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe No File
FirewallRules: [TCP Query User{8BF7EB87-E13D-4FE8-8301-564719B0E349}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{FD769A59-594E-41CE-95FA-D0C6B69CC3D3}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [TCP Query User{B0743B75-93A8-44EA-A969-92311DDD56CD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File
FirewallRules: [UDP Query User{0697B737-5D05-4738-ADFA-2E77ECE3178D}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe No File
FirewallRules: [TCP Query User{807389EF-F73E-498A-8F33-68B9224FB859}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [UDP Query User{BD0A65AF-223E-49BC-9E97-A873F55DE117}C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\javaw.exe No File
FirewallRules: [TCP Query User{FDE4B27C-D078-4CB2-8F86-20447217832D}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [UDP Query User{B28E1106-7C65-4998-973D-6B42C576F506}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe No File
FirewallRules: [{41B55316-CCE3-4118-B69F-E04AC94C3D3B}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BF260DAD-8FD3-43DB-B554-170AAA390C3A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{81A37EFA-7493-4F1C-93FC-92A56DCF6789}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [UDP Query User{BB0DB695-0B30-443D-B291-451D981C30AA}C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_201\bin\javaw.exe No File
FirewallRules: [{26C8ABBB-C5E4-4EE4-B2DA-5879EA24EA5D}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{43CC3079-FC02-4D11-8496-A0FA0795E7A4}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{917A3821-484C-4B61-8498-B89208B30163}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [{8473AAD1-96D9-4CDB-8F8F-BB181A3D29D5}] => (Allow) C:\Program Files\McAfee\Agent\macmnsvc.exe (McAfee, Inc. -> McAfee LLC.)
FirewallRules: [TCP Query User{51DD86A4-7A3B-4D5B-9A1C-AFB229613AF8}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe No File
FirewallRules: [UDP Query User{05388E02-D273-4010-9FEC-47A76A9BFCCF}C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_221\bin\javaw.exe No File
FirewallRules: [TCP Query User{E032C053-8342-4D02-A5FF-EA1BF4094C92}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [UDP Query User{07BE12DB-7DB6-4E76-9076-8713C59F0439}C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_231\bin\javaw.exe No File
FirewallRules: [TCP Query User{EF6C2B77-156B-48E3-AA55-7B39F06DDBE7}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [UDP Query User{9DED04E5-CBBB-4BE1-92A6-1936398BF5B9}C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_241\bin\javaw.exe
FirewallRules: [{715763F6-41A5-4747-BC3E-F5B246C53A5B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-01-2020 19:11:06 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/24/2020 09:05:59 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7392,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/24/2020 09:00:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5712,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 10:20:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 10:01:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8568,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:51:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4484,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:41:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5492,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:14:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1508,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/23/2020 09:08:04 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

System errors:
=============
Error: (01/23/2020 09:45:25 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1JNUR2R)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/23/2020 08:58:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/23/2020 08:58:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/23/2020 08:58:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/23/2020 08:58:41 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/20/2020 10:43:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér výkonu rozhraní WMI neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Windows Defender:
===================================
Date: 2019-09-23 20:17:58.793
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2019-09-23T18:17:58.792Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 20:16:56.861
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCUpdate.exe provádění změn v paměti.
Čas detekce: 2019-09-23T18:16:56.861Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCUpdate.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 19:43:02.700
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2019-09-23T17:43:02.699Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-09-23 19:42:55.547
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCUpdate.exe provádění změn v paměti.
Čas detekce: 2019-09-23T17:42:55.547Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk1\DR1
Název procesu: C:\Program Files\CCleaner\CCUpdate.exe
Verze bezpečnostních informací: 1.301.2094.0
Verze modulu: 1.1.16300.1
Verze produktu: 4.18.1902.5

Date: 2019-10-27 22:54:46.580
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.301.2094.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 02/06/2012
Motherboard: Gigabyte Technology Co., Ltd. H55M-D2H
Processor: Intel(R) Core(TM) i3 CPU 550 @ 3.20GHz
Percentage of memory in use: 61%
Total physical RAM: 3767.49 MB
Available physical RAM: 1432.44 MB
Total Virtual: 7812.26 MB
Available Virtual: 5047.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:348.1 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:416.5 GB) NTFS

\\?\Volume{f2781714-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{f2781714-0000-0000-0000-80c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 00084F14)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F2781714)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=467 MB) - (Type=27)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2020 01
Ran by aaa (administrator) on DESKTOP-1JNUR2R (ATComputers COMFOR DIABLO I65) (24-01-2020 09:05:08)
Running from C:\Users\aaa\Desktop
Loaded Profiles: aaa (Available Profiles: defaultuser0 & aaa)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\macmnsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\masvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\macompatsvc.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mctray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\mfemactl.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfehcs.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.36.6003.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vicamon.exe
(Vimisoft Studio) [File not signed] C:\Program Files (x86)\IM Magician\vmonproc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio) [File not signed]
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Agent\x86\UpdaterUI.exe [532184 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [326680 2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-08-03] (Nero AG -> Nero AG)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
Startup: C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2018-03-19]
ShortcutTarget: Telegram.lnk -> C:\Users\aaa\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5FCEBB97-CE98-49DD-8688-3498F1C20BEB} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {6D6DC8DE-5295-4E49-B5D6-446344A4EC88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {71C37E72-5579-4A38-A6E8-566DD5108E9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {7BD8E00E-16CE-45E1-9ABA-33CED54E89D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {81795AC2-BBFA-40A9-B4C2-C1A162AC9B67} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {C39432B3-5517-49C8-8ACD-F0173769553F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC)
Task: {D0FC1248-F34A-4F28-AAB2-12AB5D5569C4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_314_pepper.exe [1453112 2020-01-18] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{14b0b5df-90a9-4ebf-9aed-aaa7b8c0f122}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2905597249-1629462600-326273939-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20190923202205.dll [2019-09-23] (McAfee, Inc. -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20190923202206.dll [2019-09-23] (McAfee, Inc. -> McAfee, LLC)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: (McAfee ScriptScan for Firefox) - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2019-09-23] [Legacy] [not signed]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2905597249-1629462600-326273939-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\aaa\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-16] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Notifications: Default -> hxxps://app.cryptokingdom.tech
CHR Profile: C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default [2020-01-24]
CHR DownloadDir: C:\Users\aaa\Desktop
CHR Extension: (Prezentace) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30]
CHR Extension: (Dokumenty) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-30]
CHR Extension: (Disk Google) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-30]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-30]
CHR Extension: (YouTube) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30]
CHR Extension: (Tabulky) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-30]
CHR Extension: (Chrome Media Router) - C:\Users\aaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 macmnsvc; C:\Program Files\McAfee\Agent\macmnsvc.exe [121648 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R2 masvc; C:\Program Files\McAfee\Agent\masvc.exe [64384 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R3 McAfeeFramework; C:\Program Files\McAfee\Agent\x86\macompatsvc.exe [223376 2017-06-14] (McAfee, Inc. -> McAfee LLC.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [419792 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [320208 2019-05-16] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [376992 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [609920 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [542240 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-08-03] (Nero AG -> Nero AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-06-05] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [523336 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeaacsk; C:\WINDOWS\System32\drivers\mfeaacsk.sys [64048 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380976 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [109104 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86144 2019-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518192 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfehck; C:\WINDOWS\System32\drivers\mfehck.sys [91184 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [991792 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118320 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [126000 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254000 2019-09-23] (McAfee, Inc. -> McAfee, LLC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-24 09:05 - 2020-01-24 09:08 - 000018160 _____ C:\Users\aaa\Desktop\FRST.txt
2020-01-23 09:01 - 2020-01-23 09:01 - 012410792 _____ C:\Users\aaa\Desktop\23.01.2020_09.01.35.zip
2020-01-23 08:58 - 2020-01-23 09:03 - 000010767 _____ C:\Users\aaa\Desktop\Fixlog.txt
2020-01-23 08:58 - 2020-01-23 08:58 - 000000000 ____D C:\Users\aaa\Desktop\FRST-OlderVersion
2020-01-20 22:37 - 2020-01-20 22:41 - 000000000 ____D C:\AdwCleaner
2020-01-20 22:15 - 2020-01-20 22:15 - 008237744 _____ (Malwarebytes) C:\Users\aaa\Desktop\adwcleaner_8.0.1.exe
2020-01-20 22:07 - 2020-01-21 08:56 - 000000000 ____D C:\Users\aaa\Desktop\Harmoniky 2
2020-01-20 20:59 - 2020-01-20 21:02 - 000003016 _____ C:\WINDOWS\system32\Tasks\oCamTask
2020-01-20 20:59 - 2020-01-20 21:02 - 000001020 _____ C:\Users\Public\Desktop\oCam.lnk
2020-01-20 20:59 - 2020-01-20 21:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\oCam
2020-01-20 20:58 - 2020-01-20 21:02 - 000000000 ____D C:\Program Files (x86)\oCam
2020-01-19 22:28 - 2020-01-24 09:07 - 000000000 ____D C:\FRST
2020-01-19 22:26 - 2020-01-23 08:58 - 002580480 _____ (Farbar) C:\Users\aaa\Desktop\FRST64.exe
2020-01-19 19:24 - 2020-01-19 23:12 - 2292236386 _____ C:\Users\aaa\Desktop\Lovci pokladů 2.avi
2020-01-17 20:05 - 2020-01-17 20:05 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-17 20:05 - 2020-01-17 20:05 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-17 20:05 - 2020-01-17 20:05 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-17 20:04 - 2020-01-17 20:04 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-17 20:04 - 2020-01-17 20:04 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-17 20:04 - 2020-01-17 20:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-17 19:47 - 2020-01-17 19:47 - 000000000 ____D C:\Users\aaa\Documents\NeroVision
2020-01-17 19:14 - 2020-01-17 19:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-17 19:14 - 2020-01-17 19:15 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-16 19:02 - 2020-01-16 19:19 - 000000000 ____D C:\Users\aaa\Desktop\vypovědi
2020-01-13 21:49 - 2020-01-13 21:49 - 000000000 ____D C:\Users\aaa\Desktop\foto 2020
2020-01-13 21:31 - 2020-01-13 21:39 - 000000000 ____D C:\Users\aaa\Desktop\Nová složka
2020-01-12 17:41 - 2020-01-12 20:53 - 1710034809 _____ C:\Users\aaa\Desktop\Láska na vlásku - pohádka (2014).mp4
2020-01-08 21:04 - 2020-01-12 13:28 - 000000000 ____D C:\Users\aaa\Desktop\GP Kurz 2
2020-01-08 20:27 - 2020-01-08 20:27 - 000000010 _____ C:\Users\aaa\Desktop\mike heslo.txt
2020-01-05 22:17 - 2020-01-05 22:17 - 000000000 ____D C:\Users\aaa\Documents\inzeraty foto
2020-01-05 22:16 - 2020-01-05 22:16 - 000000000 ____D C:\Users\aaa\Desktop\inzeraty foto
2020-01-05 22:16 - 2020-01-05 22:16 - 000000000 ____D C:\Users\aaa\Desktop\inventura 2019
2020-01-03 22:03 - 2020-01-03 22:04 - 000000000 ____D C:\Program Files (x86)\YouTube Downloader
2020-01-03 22:03 - 2020-01-03 22:03 - 000001147 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YouTube Downloader.lnk
2019-12-25 23:14 - 2019-12-26 00:48 - 000000000 ____D C:\Users\aaa\Desktop\gott

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-24 09:09 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-24 08:52 - 2019-09-23 19:21 - 000002017 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\McAfee VirusScan Scan Messages.lnk
2020-01-24 08:52 - 2018-02-06 14:10 - 000000000 ____D C:\Users\aaa\AppData\Roaming\Telegram Desktop
2020-01-23 10:10 - 2017-09-12 17:44 - 000000000 ____D C:\Users\aaa\AppData\Roaming\vlc
2020-01-23 09:45 - 2019-09-09 15:47 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-23 09:45 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-23 09:05 - 2019-09-23 18:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-23 09:04 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-23 09:03 - 2017-08-22 18:52 - 000000000 ____D C:\Users\aaa\AppData\LocalLow\Temp
2020-01-22 21:53 - 2019-07-30 22:28 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-22 21:47 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-21 18:17 - 2019-09-23 18:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 08:09 - 2017-07-29 12:22 - 000000000 ____D C:\Users\aaa\Desktop\NAINSTALOVANO
2020-01-20 22:44 - 2018-03-25 11:44 - 000000000 ____D C:\Program Files (x86)\Java
2020-01-19 21:51 - 2018-03-25 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-01-19 21:49 - 2018-03-25 11:45 - 000114232 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-01-19 19:21 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-19 18:15 - 2019-09-23 18:34 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2905597249-1629462600-326273939-1001
2020-01-19 18:14 - 2019-09-23 18:16 - 000002400 _____ C:\Users\aaa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 18:14 - 2016-12-02 21:53 - 000000000 ___RD C:\Users\aaa\OneDrive
2020-01-18 18:50 - 2017-08-02 12:17 - 000000000 ____D C:\Users\aaa\AppData\Local\Adobe
2020-01-18 18:49 - 2019-09-23 18:34 - 000004662 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-01-18 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-18 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-17 23:30 - 2019-03-19 05:37 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2020-01-17 23:29 - 2019-09-23 18:09 - 000442920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-17 23:24 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-17 20:26 - 2016-12-02 23:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-17 20:13 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-17 20:13 - 2016-12-02 23:25 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 19:03 - 2017-09-04 09:22 - 000000000 ____D C:\Users\aaa\Desktop\AA XP
2020-01-12 12:01 - 2019-01-29 05:01 - 000000000 ____D C:\Users\aaa\Downloads\Telegram Desktop
2020-01-09 21:27 - 2019-12-16 20:08 - 000000000 ____D C:\Users\aaa\Desktop\GP Kurz 1
2020-01-08 20:33 - 2019-10-20 19:37 - 000000000 ____D C:\Users\aaa\Desktop\videa z tel
2020-01-07 13:59 - 2017-07-30 16:41 - 000000000 ____D C:\Users\aaa\Desktop\Marie Tatrnová
2020-01-06 10:01 - 2019-01-13 12:17 - 000000000 ____D C:\Users\aaa\AppData\Roaming\ViberPC
2020-01-06 10:00 - 2019-01-13 12:18 - 000000000 ____D C:\Users\aaa\Documents\ViberDownloads
2020-01-05 22:18 - 2017-06-15 08:05 - 000000000 ____D C:\Users\aaa\Desktop\AAA DOKUMENTY
2020-01-05 17:48 - 2018-10-29 20:09 - 000000000 ____D C:\Users\aaa\Desktop\Serialy
2020-01-03 22:03 - 2017-08-11 20:45 - 000000000 ___RD C:\Users\aaa\Desktop\NÁSTROJE
2019-12-30 20:37 - 2019-03-12 17:53 - 000000000 ____D C:\Users\aaa\Desktop\foto 2019
2019-12-27 20:12 - 2019-12-13 21:47 - 000000000 ____D C:\Users\aaa\Desktop\Martin viděno
2019-12-26 13:10 - 2018-04-16 16:47 - 000000000 ____D C:\Users\aaa\Desktop\JÍDELÁK 2018

==================== Files in the root of some directories ========

2019-05-28 10:03 - 2019-06-23 18:51 - 000004608 _____ () C:\Users\aaa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-09-13 20:20 - 2017-09-13 20:20 - 000000017 _____ () C:\Users\aaa\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

len otazocka:
Cistil si uz plochu

velkost adresara plocha by nemala presahovat 1GB

Jj, vim na ploše toho mam opravdu hodně , přesunu to na C a udělám zastupce na plochu. Bude to tak OK?

ano bude to OK
nadmerna velkost adresara plocha extremne spomaluje PC, hlavne nabeh

Posledne logy uz vyzeraju tiez OK

Ak uz teda nie su ziadne problemy, tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

děkuji moc za pomoc, posli mi pls ješte odkaz na přispění pro forum, diky Milan

Nie je zaco, radi sme pomohli (aj za kolegu)

Za prispevok na forum dakujeme, prispiet je mozne tu: https://platba.viry.cz/payment/

VIRY.CZ

BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc

Re: BRTSvc