VIRY.CZ

Logfile of random's system information tool 1.16 (written by random/random)
Run by Simona at 2018-05-01 09:27:43
Microsoft Windows 10 Home
System drive C: has 230 GB (49%) free of 467 GB
Total RAM: 3978 MB (28% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:27:54, on 01.05.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
C:\ProgramData\DELL\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\Synaptics_v19_2_17_64__C__x86-x64__Win7_Win8_Win81_Win10__Signed__MUP__DellWPF.exe
C:\Program Files\trend micro\Simona_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [WAHELPER.EXE] "C:\Program Files\WinArchiver\WAHELPER.EXE"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [BingSvc] C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Simona\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\Program Files (x86)\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: Dell Product Registration Manager (DellProdRegManager) - Aviata, Inc. - C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe
O23 - Service: Dell Update Service (DellUpdate) - Dell Inc. - C:\Program Files (x86)\Dell Update\DellUpService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: Intel Security True Key Helper Service (TrueKeyServiceHelper) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves System Service (WavesSysSvc) - Unknown owner - C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WinArchiver Service - Unknown owner - C:\Program Files\WinArchiver\WAService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 12736 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
"C:\Program Files\WinArchiver\WAService.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e79d0f9a-999d-43f3-80f5-ef81f5cc929c -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4cea15c-4e02-4a92-a265-2be16ff1fb13 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-37cacb86-13ee-4089-ac1b-4ecce94d7b8f -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-41dca4df-311b-4e78-b624-ab3abe9fad3a -LifetimeId:850150e1-589b-4d0a-9ff6-b4186860c816 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe" EXPRESS
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files (x86)\Dell Customer Connect\DCCService.exe"
"C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Dell Update\DellUpService.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Dell Update\DellUpTray.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SEMgrSvc
"C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE" C:\Users\Simona
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Simona\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=66.0.3359.139 --initial-client-data=0x1d0,0x1d4,0x1d8,0x1cc,0x1dc,0x7fff738f3218,0x7fff738f3228,0x7fff738f3238
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7020 --on-initialized-event-handle=652 --parent-handle=656 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=933CEB4E21A14DF44F8E13508C80FD07 --mojo-platform-channel-handle=1396 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=6827DF113FD07B780BE3600EDB820647 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=6827DF113FD07B780BE3600EDB820647 --renderer-client-id=3 --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=3D6911D75B5D03E562FD4259B5C14FD8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=3D6911D75B5D03E562FD4259B5C14FD8 --renderer-client-id=4 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=82FDA7DC221937EA32374784EAB24D59 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=82FDA7DC221937EA32374784EAB24D59 --renderer-client-id=7 --mojo-platform-channel-handle=3328 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=90C2CEF33DFE4947B47C81DF31C52FC7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=90C2CEF33DFE4947B47C81DF31C52FC7 --renderer-client-id=14 --mojo-platform-channel-handle=6300 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=D6EBE0672DE94C5F60402A91D9B209AB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D6EBE0672DE94C5F60402A91D9B209AB --renderer-client-id=12 --mojo-platform-channel-handle=6312 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=E7D8EC6E9B2542F1E39819EE0E732F29 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=E7D8EC6E9B2542F1E39819EE0E732F29 --renderer-client-id=15 --mojo-platform-channel-handle=6404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=13681680F82C3690CCD845447071A1D1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=13681680F82C3690CCD845447071A1D1 --renderer-client-id=13 --mojo-platform-channel-handle=4736 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=2EF63C7AA53810B3CD925E0CCA157751 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=2EF63C7AA53810B3CD925E0CCA157751 --renderer-client-id=11 --mojo-platform-channel-handle=7564 /prefetch:1
"C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=A553DAB4235877BCED33F713F50D3636 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=A553DAB4235877BCED33F713F50D3636 --renderer-client-id=6 --mojo-platform-channel-handle=8216 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=FC8F2EE88CD2F125ACA7E55921BA2A6D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=FC8F2EE88CD2F125ACA7E55921BA2A6D --renderer-client-id=19 --mojo-platform-channel-handle=7768 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=B63C7EADB5469321C26F343F883F73C6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=B63C7EADB5469321C26F343F883F73C6 --renderer-client-id=17 --mojo-platform-channel-handle=6868 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=88DA20BF5054B2103786F33352EF3A28 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=88DA20BF5054B2103786F33352EF3A28 --renderer-client-id=16 --mojo-platform-channel-handle=9948 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=C391A525CC93BE2F42C2440A64EDC5F8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=C391A525CC93BE2F42C2440A64EDC5F8 --renderer-client-id=10 --mojo-platform-channel-handle=9900 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=CFF0EB1A6D675971428FBCF5DEECAF4F --mojo-platform-channel-handle=10244 /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=5281E41F198B71590E9AE289F0F077E8 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=5281E41F198B71590E9AE289F0F077E8 --renderer-client-id=20 --mojo-platform-channel-handle=10572 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=D3F54C166ED28B159D74CFF5DFA033F2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=D3F54C166ED28B159D74CFF5DFA033F2 --renderer-client-id=26 --mojo-platform-channel-handle=10500 /prefetch:1
"C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE"
"C:\ProgramData\DELL\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\Synaptics_v19_2_17_64__C__x86-x64__Win7_Win8_Win81_Win10__Signed__MUP__DellWPF.exe" /E /v"LOGFILE=C:\ProgramData\dell\drivers\20a7ae60-d849-48b2-8c58-8407edb2184f\DUPLogDir\DUP9E85.tmp"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=F2B4C02E9EE71345378D816D2D14B23C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=F2B4C02E9EE71345378D816D2D14B23C --renderer-client-id=28 --mojo-platform-channel-handle=9404 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=B50BCB5A3A6CB79FAEFF870CF5D079A9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=B50BCB5A3A6CB79FAEFF870CF5D079A9 --renderer-client-id=29 --mojo-platform-channel-handle=8904 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=7127AF014FCCA010B1777B295C356081 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=7127AF014FCCA010B1777B295C356081 --renderer-client-id=35 --mojo-platform-channel-handle=11420 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1384,8779787523818670380,1498915464943253284,131072 --service-pipe-token=C7313CDD7EF7F4C38F86B22FFFE13482 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-compositor-image-animations --service-request-channel-token=C7313CDD7EF7F4C38F86B22FFFE13482 --renderer-client-id=38 --mojo-platform-channel-handle=12124 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Simona\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

====== Scheduled tasks folder ======

C:\WINDOWS\tasks\simplitec Power Suite (Tray).job - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\tasks\simplitec Power Suite.job - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\AdobeGCInvoker-1.0-MicrosoftAccount-kozlovasimona@hotmail.com - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
C:\WINDOWS\system32\tasks\Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe AutoUpdate
C:\WINDOWS\system32\tasks\GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe /prepare
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task-S-1-5-21-1845321611-535337565-3413128556-1001 - %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\PCDDataUploadTask - "uaclauncher.exe" -lloc dataupload --ignoresecondarysplash --runsilently --skipidlewait
C:\WINDOWS\system32\tasks\RtHDVBg_PushButton - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
C:\WINDOWS\system32\tasks\simplitec Power Suite - C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe -task
C:\WINDOWS\system32\tasks\simplitec Power Suite (Tray) - C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe
C:\WINDOWS\system32\tasks\Synaptics TouchPad Enhancements - "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\tasks\SystemToolsDailyTest - "uaclauncher.exe" -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{E9D29D4A-7331-4EDF-A4DF-21C3CAF14F69} - C:\Windows\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} - C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
C:\WINDOWS\system32\tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} - C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
C:\WINDOWS\system32\tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} - C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows\WwanSvc\NotificationTask - %SystemRoot%\System32\WiFiTask.exe wwan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Recovery-Check - %SystemRoot%\System32\dsregcmd.exe /checkrecovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network - C:\Windows\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WaaSMedic\PerformRemediation - %systemroot%\System32\WaaSMedic.exe None
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe RebootDialog
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display - %systemroot%\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr - %windir%\System32\UNP\UpdateNotificationMgr.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe -e
C:\WINDOWS\system32\tasks\Microsoft\Windows\Subscription\LicenseAcquisition - %SystemRoot%\system32\ClipRenew.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ClientTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
C:\WINDOWS\system32\tasks\Microsoft\Windows\SMB\UninstallSMB1ServerTask - %windir%\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& %windir%\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\LoginCheck - %windir%\system32\sc.exe start pushtoinstall login
C:\WINDOWS\system32\tasks\Microsoft\Windows\PushToInstall\Registration - %windir%\system32\sc.exe start pushtoinstall registration
C:\WINDOWS\system32\tasks\Microsoft\Windows\Printing\EduPrintProv - %windir%\system32\eduprintprov.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Cellular - %windir%\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5 /source LogonIdleTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Chkdsk\SyspartRepair - %windir%\system32\bcdboot.exe %windir% /sysrepair
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /boot /LSRC=autolaunch
C:\WINDOWS\system32\tasks\Dell\Dell Product Registration Update - C:\Program Files (x86)\Dell Product Registration\prodreg.exe /updatecheck /LSRC=autolaunch

=========Google Chrome=========

C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension cjpalhdlnbpafiamejdnhcphjbkeiagm 1 uBlock Origin 1.16.2
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension fcfenmboojpjinhpgggodefccipikbpd 2 MSN Homepage & Bing Search Engine 1.0.0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension lifbcibllhkdhoafpjfnlhfpfgnpldfl 1 Skype 10.2.0.9950
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.7
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6618.312.0.2
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl]
"Path"=


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0E2CF617-77F6-49DC-BC37-0EEBAC3740B9}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=DCJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-25 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files (x86)\MICROS~1\Office15\GROOVEEX.DLL [2017-02-23 1743664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25 1429728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25 1056992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-08-04 8512760]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-08-04 1411320]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-02-27 3775816]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05 315880]
"MouseDriver"=TiltWheelMouse.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"OneDrive"=C:\Users\Simona\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-20 1559200]
"GarminExpressTrayApp"=C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [2018-03-27 1462184]
"Spotify"=C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [2018-04-10 22454160]
"Spotify Web Helper"=C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-04-10 782736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"WAHELPER.EXE"=C:\Program Files\WinArchiver\WAHELPER.EXE [2015-08-16 504632]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27 2404952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath" = %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2018-05-01 09:27:43 ----D---- C:\rsit
2018-05-01 09:27:43 ----D---- C:\Program Files\trend micro
2018-05-01 09:06:12 ----D---- C:\ProgramData\F-Secure
2018-05-01 08:22:01 ----D---- C:\WINDOWS\LastGood.Tmp
2018-04-30 22:35:19 ----D---- C:\Program Files\VS Revo Group
2018-04-30 22:10:05 ----D---- C:\AdwCleaner
2018-04-06 19:15:07 ----D---- C:\Program Files (x86)\Dell Update
2018-04-04 18:31:29 ----D---- C:\found.000

====== List of files/folders modified in the last 1 month ======

2018-05-01 09:27:43 ----RD---- C:\Program Files
2018-05-01 09:27:27 ----D---- C:\WINDOWS\Prefetch
2018-05-01 09:16:30 ----D---- C:\WINDOWS\system32\drivers
2018-05-01 09:14:58 ----D---- C:\WINDOWS\Temp
2018-05-01 09:07:09 ----D---- C:\WINDOWS\system32\catroot2
2018-05-01 09:06:12 ----HD---- C:\ProgramData
2018-05-01 08:59:37 ----D---- C:\Users\Simona\AppData\Roaming\Skype
2018-05-01 08:58:39 ----AD---- C:\Program Files (x86)\Dell Backup and Recovery
2018-05-01 08:45:55 ----D---- C:\WINDOWS\DeliveryOptimization
2018-05-01 08:40:58 ----D---- C:\WINDOWS\System32
2018-05-01 08:40:34 ----D---- C:\Windows
2018-05-01 08:39:21 ----D---- C:\WINDOWS\system32\sru
2018-05-01 08:22:06 ----D---- C:\WINDOWS\SysWOW64
2018-05-01 08:21:56 ----D---- C:\WINDOWS\INF
2018-05-01 08:21:48 ----D---- C:\WINDOWS\system32\DriverStore
2018-05-01 08:18:53 ----D---- C:\WINDOWS\system32\Tasks
2018-04-30 22:49:54 ----SHD---- C:\System Volume Information
2018-04-30 22:43:42 ----RD---- C:\Program Files (x86)
2018-04-30 22:22:17 ----D---- C:\WINDOWS\system32\config
2018-04-30 22:14:06 ----D---- C:\WINDOWS\WinSxS
2018-04-30 22:13:40 ----D---- C:\WINDOWS\Logs
2018-04-30 16:45:54 ----RD---- C:\WINDOWS\Microsoft.NET
2018-04-30 16:34:44 ----D---- C:\ProgramData\PCDr
2018-04-30 16:30:32 ----D---- C:\Users\Simona\AppData\Roaming\Spotify
2018-04-30 16:26:32 ----HD---- C:\Program Files\WindowsApps
2018-04-30 16:26:30 ----D---- C:\WINDOWS\AppReadiness
2018-04-30 06:46:44 ----D---- C:\WINDOWS\system32\SleepStudy
2018-04-30 06:34:14 ----D---- C:\WINDOWS\system32\LogFiles
2018-04-29 12:39:49 ----D---- C:\WINDOWS\system32\drivers\wd
2018-04-29 12:25:03 ----SHD---- C:\WINDOWS\Installer
2018-04-29 12:25:01 ----SHD---- C:\Config.Msi
2018-04-29 12:25:01 ----D---- C:\ProgramData\Skype
2018-04-29 12:24:36 ----RD---- C:\Program Files (x86)\Skype
2018-04-29 12:24:34 ----D---- C:\Program Files (x86)\Common Files
2018-04-23 20:14:55 ----D---- C:\WINDOWS\Minidump
2018-04-23 18:45:20 ----D---- C:\WINDOWS\CbsTemp
2018-04-23 16:23:48 ----D---- C:\WINDOWS\LiveKernelReports
2018-04-11 20:58:57 ----D---- C:\Program Files (x86)\McAfee
2018-04-11 20:58:50 ----D---- C:\Program Files\TrueKey
2018-04-10 21:21:55 ----D---- C:\WINDOWS\system32\MRT
2018-04-10 21:12:45 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-10 21:12:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-04-09 19:13:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-06 20:33:09 ----D---- C:\ProgramData\Package Cache
2018-04-06 20:32:54 ----AD---- C:\Program Files (x86)\Garmin
2018-04-06 20:32:33 ----D---- C:\ProgramData\Garmin
2018-04-06 19:39:20 ----D---- C:\ProgramData\Microsoft Help
2018-04-06 19:33:48 ----A---- C:\WINDOWS\win.ini
2018-04-06 19:33:03 ----RSD---- C:\WINDOWS\assembly
2018-04-06 19:10:46 ----D---- C:\WINDOWS\system32\NDF
2018-04-03 21:37:46 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 BTATH_BUS;@oem154.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-26 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer; C:\WINDOWS\system32\DRIVERS\stdcfltn.sys [2012-07-14 22168]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 MpKsl6d78e5e5;MpKsl6d78e5e5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B5C756A-E700-414A-81BB-860AA3EC348D}\MpKsl6d78e5e5.sys [2018-05-01 58120]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-01-01 385024]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-09-29 4233728]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-14 610336]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2017-09-29 105472]
R3 bthl2cap;@bthl2cap.inf,%bthl2cap_desc%;Ovladač podpory protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\bthl2cap.sys [2017-09-29 83968]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-09-29 78848]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-09-29 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2017-09-29 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
R3 DDDriver;DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [2017-12-14 41608]
R3 DellProf;DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [2017-12-14 41208]
R3 DellRbtn;@oem96.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 dtlitescsibus;@oem141.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-10-05 30264]
R3 iaioi2c;@oem69.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 iwdbus;@oem162.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-09-29 189440]
R3 SensorsHIDClassDriver;@SensorsHidClassDriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for Sensors HID Class Driver; C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-09-29 259584]
R3 ST_Accel;@oem15.inf,%ST_Accel.SVCDESC%;STMicroelectronics Accelerometer Service; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [2013-11-21 83968]
R3 SynRMIHID;@oem174.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [2017-12-19 66104]
R3 SynTP;@oem175.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2017-12-19 683064]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2017-11-19 1015296]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys [2017-09-29 28160]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys [2018-01-01 192512]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFS;ReFS; C:\WINDOWS\system32\drivers\ReFS.sys [2017-09-29 1849752]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 RSUSBSTOR;@oem153.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-03-14 771672]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-01-05 2319848]
R2 CDPUserSvc_330e0c;Uživatelská služba platformy připojených zařízení_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2017-12-14 208792]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2017-12-14 217488]
R2 Dell Customer Connect;Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2016-12-21 130936]
R2 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-03-16 237448]
R2 DellUpdate;Dell Update Service; C:\Program Files (x86)\Dell Update\DellUpService.exe [2018-03-27 237016]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\dusmsvc.dll
R2 Garmin Device Interaction Service;Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2018-03-27 1175056]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-04 337888]
R2 OneSyncSvc_330e0c;Hostitel synchronizace_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-01-01 519152]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2016-01-04 2065808]
R2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2018-02-14 41432]
R2 SynTPEnhService;SynTPEnh Caller Service; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-12-19 265784]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-11-19 43648]
R3 PimIndexMaintenanceSvc_330e0c;Data kontaktů_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\system32\SEMgrSvc.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" = %SystemRoot%\System32\CDPUserSvc.dll
S2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2017-12-14 3294608]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; %SystemRoot%\system32\svchost.exe -k appmodel -p;"ServiceDll" = %SystemRoot%\system32\CapabilityAccessManager.dll
S3 DellProdRegManager;Dell Product Registration Manager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [2014-10-31 278568]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; %SystemRoot%\system32\svchost.exe -k DevicesFlow;"ServiceDll" = %SystemRoot%\System32\DevicesFlowBroker.dll
S3 DevicesFlowUserSvc_330e0c;Tok zařízení_330e0c; C:\WINDOWS\system32\svchost.exe -k DevicesFlow;"ServiceDll" =
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k diagnostics;"ServiceDll" = %systemroot%\system32\DiagSvc.dll
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll" = %SystemRoot%\system32\FrameServer.dll
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k GraphicsPerfSvcGroup;"ServiceDll" = %SystemRoot%\System32\GraphicsPerfSvc.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\hvhostsvc.dll
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\InstallService.dll
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\IpxlatCfg.dll
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted -p;"ServiceDll" = %SystemRoot%\System32\irmon.dll
S3 MessagingService_330e0c;Služba zasílání zpráv_330e0c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll" =
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; %SystemRoot%\system32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\System32\NaturalAuth.dll
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 159960]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; %SystemRoot%\system32\svchost.exe -k PrintWorkflow;"ServiceDll" = %SystemRoot%\System32\PrintWorkflowService.dll
S3 PrintWorkflowUserSvc_330e0c;PrintWorkflow_330e0c; C:\WINDOWS\system32\svchost.exe -k PrintWorkflow;"ServiceDll" =
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %SystemRoot%\system32\PushToInstall.dll
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\RMapi.dll
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalService -p;"ServiceDll" = %SystemRoot%\System32\SharedRealitySvc.dll
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-01-01 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs -p;"ServiceDll" = %systemroot%\system32\Windows.SharedPC.AccountManager.dll

-----------------EOF-----------------

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-04-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-01-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Toto je OK. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.04.2018
Ran by Simona (administrator) on ANOMIS (01-05-2018 18:40:40)
Running from C:\Users\Simona\Desktop
Loaded Profiles: Simona (Available Profiles: Simona)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\WinArchiver\WAService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(forum.viry.cz) C:\Users\Simona\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Dell Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [WAHELPER.EXE] => C:\Program Files\WinArchiver\WAHELPER.EXE [504632 2015-08-16] (Power Software Ltd)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2404952 2017-03-27] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [Spotify] => C:\Users\Simona\AppData\Roaming\Spotify\Spotify.exe [22454160 2018-04-10] (Spotify Ltd)
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [Spotify Web Helper] => C:\Users\Simona\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-04-10] (Spotify Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{ec5c62b1-0bb3-4914-ae67-eb1ab29d8137}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-02-15] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-25] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-09-25] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-09-25] (Intel Security)

FireFox:
========
FF DefaultProfile: 8lshsdyd.default
FF ProfilePath: C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default [2017-04-30]
FF Homepage: Mozilla\Firefox\Profiles\8lshsdyd.default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Extension: (Autofill Forms) - C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default\Extensions\autofillForms@blueimp.net.xpi [2015-12-11] [Legacy]
FF Extension: (Bing Search) - C:\Users\Simona\AppData\Roaming\Mozilla\Firefox\Profiles\8lshsdyd.default\Extensions\bingsearch.full@microsoft.com [2018-04-30] [Legacy] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default [2018-05-01]
CHR Extension: (Prezentace) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (uBlock Origin) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-04-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Bing) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-05-01]
CHR Extension: (Tabulky) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Skype) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Gmail) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Simona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-30]
CHR HKU\S-1-5-21-1845321611-535337565-3413128556-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [771672 2017-03-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237016 2018-03-27] (Dell Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin Ltd. or its subsidiaries)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-04] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [265784 2017-12-19] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2018-03-29] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-03-29] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-03-29] (McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-29] (Microsoft Corporation)
R2 WinArchiver Service; C:\Program Files\WinArchiver\WAService.exe [257336 2015-08-16] ()
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-29] (Microsoft Corporation)
S2 WavesSysSvc; "C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-10-05] (Disc Soft Ltd)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [83968 2013-11-21] (STMicroelectronics)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [66104 2017-12-19] (Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41992 2017-04-01] (Intel Corporation)
R0 waemu; C:\WINDOWS\System32\Drivers\waemu.sys [142096 2015-08-16] (Power Software Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-29] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-01 18:40 - 2018-05-01 18:42 - 000020646 _____ C:\Users\Simona\Desktop\FRST.txt
2018-05-01 18:36 - 2018-05-01 18:36 - 000112640 _____ (forum.viry.cz) C:\Users\Simona\Desktop\FRSTLauncher.exe
2018-05-01 18:26 - 2018-05-01 18:26 - 000112640 _____ (forum.viry.cz) C:\Users\Simona\Downloads\Nepotvrzeno 792067.crdownload
2018-05-01 18:22 - 2018-05-01 18:40 - 000000000 ____D C:\FRST
2018-05-01 18:20 - 2018-05-01 18:20 - 002405888 _____ (Farbar) C:\Users\Simona\Desktop\FRST64.exe
2018-05-01 12:35 - 2018-05-01 12:39 - 000799572 _____ C:\WINDOWS\Minidump\050118-39453-01.dmp
2018-05-01 12:35 - 2018-05-01 12:35 - 464191364 _____ C:\WINDOWS\MEMORY.DMP
2018-05-01 09:27 - 2018-05-01 09:28 - 000000000 ____D C:\rsit
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____D C:\Program Files\trend micro
2018-05-01 09:26 - 2018-05-01 09:26 - 001329152 _____ C:\Users\Simona\Downloads\RSITx64.exe
2018-05-01 09:06 - 2018-05-01 12:35 - 000000000 ____D C:\Users\Simona\AppData\Local\FSDART
2018-05-01 09:06 - 2018-05-01 09:16 - 000000000 ____D C:\ProgramData\F-Secure
2018-05-01 09:06 - 2018-05-01 09:06 - 000524248 _____ (F-Secure Corporation) C:\Users\Simona\Downloads\F-SecureOnlineScanner.exe
2018-05-01 09:06 - 2018-05-01 09:06 - 000000000 ____D C:\Users\Simona\AppData\Local\F-Secure
2018-05-01 08:36 - 2018-05-01 08:37 - 063942432 _____ (Dell Inc.) C:\Users\Simona\Downloads\Dell-Touchpad-Driver_YYK15_WIN_19.2.17.64_A10_02.EXE
2018-05-01 08:35 - 2018-05-01 08:36 - 023352576 _____ (Igor Pavlov) C:\Users\Simona\Downloads\3147A12.exe
2018-05-01 08:34 - 2018-05-01 08:34 - 002219736 _____ (Dell Inc) C:\Users\Simona\Downloads\aulauncher.exe
2018-05-01 08:22 - 2018-05-01 08:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-04-30 22:49 - 2018-04-30 22:49 - 001790024 _____ (Malwarebytes) C:\Users\Simona\Downloads\JRT.exe
2018-04-30 22:48 - 2018-04-30 22:49 - 005659794 _____ (Swearware) C:\Users\Simona\Downloads\ComboFix.exe
2018-04-30 22:35 - 2018-04-30 22:35 - 000001081 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-04-30 22:35 - 2018-04-30 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-04-30 22:35 - 2018-04-30 22:35 - 000000000 ____D C:\Program Files\VS Revo Group
2018-04-30 22:34 - 2018-04-30 22:34 - 007197480 _____ (VS Revo Group ) C:\Users\Simona\Downloads\revosetup.exe
2018-04-30 22:33 - 2018-04-30 22:33 - 074520496 _____ (Malwarebytes ) C:\Users\Simona\Downloads\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4922.exe
2018-04-30 22:10 - 2018-04-30 22:11 - 000000000 ____D C:\AdwCleaner
2018-04-30 22:09 - 2018-04-30 22:09 - 007271632 _____ (Malwarebytes) C:\Users\Simona\Downloads\AdwCleaner.exe
2018-04-29 12:24 - 2018-04-29 12:24 - 000002658 _____ C:\Users\Public\Desktop\Skype.lnk
2018-04-29 12:24 - 2018-04-29 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-04-14 19:37 - 2018-04-14 19:51 - 1687515136 _____ C:\Users\Simona\Downloads\Czech Made Man (2011).avi
2018-04-06 20:32 - 2018-04-06 20:32 - 000001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-04-06 20:32 - 2018-04-06 20:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-04-06 19:55 - 2018-04-06 20:02 - 733956096 _____ C:\Users\Simona\Downloads\Pane, vy jste vdova! (1970) CZ.avi
2018-04-06 19:54 - 2018-04-06 20:15 - 2095370520 _____ C:\Users\Simona\Downloads\Divočina [Wild] (2014) HD 720p CZ dabing.avi
2018-04-06 19:15 - 2018-04-06 19:15 - 000000000 ____D C:\Program Files (x86)\Dell Update
2018-04-04 18:31 - 2018-04-04 18:31 - 000000000 ____D C:\found.000

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-01 18:27 - 2014-11-01 19:37 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2018-05-01 18:17 - 2017-11-20 14:53 - 000000000 ____D C:\Users\Simona
2018-05-01 18:17 - 2016-03-28 05:15 - 000000000 __SHD C:\Users\Simona\IntelGraphicsProfiles
2018-05-01 18:16 - 2017-11-20 15:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-01 18:16 - 2017-11-20 14:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-01 16:48 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-05-01 16:47 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-01 16:47 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-01 16:38 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-01 12:40 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-01 12:35 - 2017-11-28 13:17 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-01 08:59 - 2015-08-28 16:01 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Skype
2018-05-01 08:21 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-04-30 22:43 - 2016-01-17 06:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2018-04-30 21:58 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-04-30 16:48 - 2016-03-19 01:49 - 000000000 ____D C:\Users\Simona\AppData\Local\Spotify
2018-04-30 16:34 - 2014-11-01 19:31 - 000000000 ____D C:\ProgramData\PCDr
2018-04-30 16:30 - 2016-03-19 01:49 - 000000000 ____D C:\Users\Simona\AppData\Roaming\Spotify
2018-04-29 12:39 - 2018-02-26 12:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-04-29 12:35 - 2015-03-02 09:59 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-29 12:35 - 2015-03-02 09:59 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-04-29 12:25 - 2015-08-28 16:00 - 000000000 ____D C:\ProgramData\Skype
2018-04-29 12:24 - 2015-08-28 16:00 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-04-11 20:58 - 2016-12-15 16:46 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-04-11 20:58 - 2016-12-15 16:37 - 000000000 ____D C:\Program Files\TrueKey
2018-04-10 21:21 - 2015-03-02 18:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-04-10 21:12 - 2017-10-11 05:08 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-04-10 21:12 - 2015-03-02 18:19 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-04-09 19:13 - 2017-11-20 15:19 - 006966996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-04-09 19:13 - 2017-09-30 16:31 - 003433838 _____ C:\WINDOWS\system32\perfh005.dat
2018-04-09 19:13 - 2017-09-30 16:31 - 000948040 _____ C:\WINDOWS\system32\perfc005.dat
2018-04-06 20:33 - 2015-06-29 16:55 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-06 20:32 - 2017-11-20 15:23 - 000003622 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-04-06 20:32 - 2015-06-29 16:56 - 000000000 ____D C:\ProgramData\Garmin
2018-04-06 20:32 - 2015-06-29 16:55 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-04-06 19:40 - 2015-02-28 14:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-04-06 19:33 - 2013-08-22 15:25 - 000000199 _____ C:\WINDOWS\win.ini
2018-04-06 19:15 - 2014-11-01 19:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2018-04-06 19:10 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-04-03 21:37 - 2017-12-14 15:39 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-04-03 21:37 - 2017-12-14 15:39 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-09-27 15:36 - 2017-07-25 05:07 - 000000600 _____ () C:\Users\Simona\AppData\Roaming\winscp.rnd

Some files in TEMP:
====================
2018-04-29 12:16 - 2018-04-29 12:17 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Simona\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Simona\Desktop" je 80957 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
C:\Users\Simona\AppData\Local\Microsoft\BingSvc
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Users\Simona\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0AAD648C-2E45-4EC2-BDDD-763EDE62195D} - System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
Task: {10FE8503-2D0A-4433-B9C5-0664200D843A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1741D225-72A6-4C4F-BF17-1D656E6227B9} - System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
Task: {196B22B1-85BB-4BF3-8008-D01FB6EBB4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {23055A80-2E43-4B06-8276-6ACFC0F5422D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {283F018B-4E2E-4B31-A1A8-99FA4A924ED4} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {2965A01A-681F-4B16-860F-6472DE534716} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {321EC7CD-104F-4962-B170-6337FB79C4FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {448745AA-9C4E-4466-9590-23EBCB1109F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6271D4-4C01-4E37-9B93-071212906E5C} - System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {7405D5D1-532F-44C7-98D7-110FCCCFFD3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {85835B4B-5064-41CF-A68D-560EEA021CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A3F27BEA-CE0B-40BB-BA76-EF5A0844611D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B0868ACF-525C-4056-984F-52DF46930D55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BEEB6492-512B-405A-B564-7F4F2831DF98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C8C3098C-F988-4E9F-98C6-E53C2C0367F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F6FDC659-5770-431B-8E04-FA86F44D46D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Simona\Desktop" je 80957 MB.

To je příliš mnoho a může to způsobovat zpomalený start systému. Vytvořte v C:\Users\Simona novou složku, do níž přesuňte všechna data z plochy. Na plochu si pak dejte zástupce té složky pro snazší přístup.

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.05.2018
Ran by Simona (06-05-2018 17:20:58) Run:1
Running from C:\Users\Simona\Desktop
Loaded Profiles: Simona (Available Profiles: Simona)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-1845321611-535337565-3413128556-1001\...\Run: [BingSvc] => C:\Users\Simona\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (� 2015 Microsoft Corporation)
C:\Users\Simona\AppData\Local\Microsoft\BingSvc
SearchScopes: HKU\S-1-5-21-1845321611-535337565-3413128556-1001 -> DefaultScope {0E2CF617-77F6-49DC-BC37-0EEBAC3740B9} URL =
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM ... PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__ ... M__&query={searchTerms}
C:\Users\Simona\AppData\Local\Temp
Task: C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => -> No File
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0AAD648C-2E45-4EC2-BDDD-763EDE62195D} - System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => C:\Windows\system32\pcalua.exe -a E:\Sims2SP2_Uninst.exe -d E:\
Task: {10FE8503-2D0A-4433-B9C5-0664200D843A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {1741D225-72A6-4C4F-BF17-1D656E6227B9} - System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => C:\Windows\system32\pcalua.exe -a C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction\TS2Sampler_Install.exe -d C:\Users\Simona\Downloads\TheSims2Introduction\TheSims2Introduction
Task: {196B22B1-85BB-4BF3-8008-D01FB6EBB4D4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {23055A80-2E43-4B06-8276-6ACFC0F5422D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {283F018B-4E2E-4B31-A1A8-99FA4A924ED4} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\KMPFaster\PowerSuite.exe <==== ATTENTION
Task: {2965A01A-681F-4B16-860F-6472DE534716} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {321EC7CD-104F-4962-B170-6337FB79C4FA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {448745AA-9C4E-4466-9590-23EBCB1109F6} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6C6271D4-4C01-4E37-9B93-071212906E5C} - System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => C:\Windows\system32\pcalua.exe -a E:\eauninstall.exe -d E:\
Task: {7405D5D1-532F-44C7-98D7-110FCCCFFD3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {85835B4B-5064-41CF-A68D-560EEA021CA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C} - System32\Tasks\simplitec Power Suite (Tray) => C:\Program Files (x86)\simplitec\KMPFaster\ServiceProvider.exe <==== ATTENTION
Task: {A3F27BEA-CE0B-40BB-BA76-EF5A0844611D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {B0868ACF-525C-4056-984F-52DF46930D55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BEEB6492-512B-405A-B564-7F4F2831DF98} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C8C3098C-F988-4E9F-98C6-E53C2C0367F9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F6FDC659-5770-431B-8E04-FA86F44D46D7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1845321611-535337565-3413128556-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
C:\Users\Simona\AppData\Local\Microsoft\BingSvc => moved successfully
"HKU\S-1-5-21-1845321611-535337565-3413128556-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully

"C:\Users\Simona\AppData\Local\Temp" folder move:

Could not move "C:\Users\Simona\AppData\Local\Temp" => Scheduled to move on reboot.

C:\WINDOWS\Tasks\simplitec Power Suite (Tray).job => moved successfully
C:\WINDOWS\Tasks\simplitec Power Suite.job => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileBackuped" => removed successfully
HKLM\Software\Classes\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DBARFileNotBackuped" => removed successfully
HKLM\Software\Classes\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AAD648C-2E45-4EC2-BDDD-763EDE62195D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AAD648C-2E45-4EC2-BDDD-763EDE62195D}" => removed successfully
C:\WINDOWS\System32\Tasks\{3D51994C-471B-444D-8D27-9079CBF81F6D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3D51994C-471B-444D-8D27-9079CBF81F6D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10FE8503-2D0A-4433-B9C5-0664200D843A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10FE8503-2D0A-4433-B9C5-0664200D843A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1741D225-72A6-4C4F-BF17-1D656E6227B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1741D225-72A6-4C4F-BF17-1D656E6227B9}" => removed successfully
C:\WINDOWS\System32\Tasks\{8DC1705F-89CF-44C7-91C0-0D181D43FF35} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8DC1705F-89CF-44C7-91C0-0D181D43FF35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{196B22B1-85BB-4BF3-8008-D01FB6EBB4D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{196B22B1-85BB-4BF3-8008-D01FB6EBB4D4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23055A80-2E43-4B06-8276-6ACFC0F5422D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23055A80-2E43-4B06-8276-6ACFC0F5422D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{283F018B-4E2E-4B31-A1A8-99FA4A924ED4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{283F018B-4E2E-4B31-A1A8-99FA4A924ED4}" => removed successfully
C:\WINDOWS\System32\Tasks\simplitec Power Suite => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2965A01A-681F-4B16-860F-6472DE534716}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2965A01A-681F-4B16-860F-6472DE534716}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{321EC7CD-104F-4962-B170-6337FB79C4FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{321EC7CD-104F-4962-B170-6337FB79C4FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{448745AA-9C4E-4466-9590-23EBCB1109F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{448745AA-9C4E-4466-9590-23EBCB1109F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C6271D4-4C01-4E37-9B93-071212906E5C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C6271D4-4C01-4E37-9B93-071212906E5C}" => removed successfully
C:\WINDOWS\System32\Tasks\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6AB44BD6-3765-4799-8EA2-F0CA2F3B900B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7405D5D1-532F-44C7-98D7-110FCCCFFD3F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7405D5D1-532F-44C7-98D7-110FCCCFFD3F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85835B4B-5064-41CF-A68D-560EEA021CA1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85835B4B-5064-41CF-A68D-560EEA021CA1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BAAF9BD-11A7-4C18-9A39-D13A8880C0E5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BAE2DBB-8A53-4243-BF5C-0DC7C6DC2B00}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2D8D9B3-0BE7-4F2E-AE92-41982CB8132C}" => removed successfully
C:\WINDOWS\System32\Tasks\simplitec Power Suite (Tray) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\simplitec Power Suite (Tray)" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3F27BEA-CE0B-40BB-BA76-EF5A0844611D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3F27BEA-CE0B-40BB-BA76-EF5A0844611D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0868ACF-525C-4056-984F-52DF46930D55}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0868ACF-525C-4056-984F-52DF46930D55}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEEB6492-512B-405A-B564-7F4F2831DF98}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEEB6492-512B-405A-B564-7F4F2831DF98}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C3098C-F988-4E9F-98C6-E53C2C0367F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C3098C-F988-4E9F-98C6-E53C2C0367F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6FDC659-5770-431B-8E04-FA86F44D46D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6FDC659-5770-431B-8E04-FA86F44D46D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8675328 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45571107 B
Java, Flash, Steam htmlcache => 2130 B
Windows/system/drivers => 6146931 B
Edge => 1429137 B
Chrome => 542062209 B
Firefox => 64824698 B
Opera => 4118896 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 704512 B
NetworkService => 884388 B
Simona => 265948812 B

RecycleBin => 0 B
EmptyTemp: => 896.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-05-2018 17:34:20)

C:\Users\Simona\AppData\Local\Temp => moved successfully

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 17:34:31 ====

Smazáno. Nastala nějaká změna?

Stale 100% , nyni pruzkumnik mel treba 70% ale vetsinou to preskakuje a je to kazdou chvili neco jinyho

Na zkoušku vypněte aut. aktualizace a zjistěte, zda zátěž poklesla.