VIRY.CZ

Dobrý den,
chtěl bych požádat o kontrolu logu. Nemyslím si, že by byla v počítači havěť, ale někde se vyskytl problém. Obdobný se tady úspěšně řešil. U Win 10 Home mi z nabídky Zabezpečení Windows zmizela možnost ochrany před hrozbami a viry, při pokusu o spuštění/kontrolu se objeví hláška:
"Stránka není k dispozici - Váš správce IT omezil přístup k některým oblastem této aplikace a položka, ke které jste se pokusili získat přístup, není k dispozici. O další informace požádejte helpdesk IT."

OS byl kupován samostatně a nejedná se o firemní licenci, tedy žádný IT správce nic neomezoval.
Předem díky za pomoc.

Kvůli délky logů je zasílám v příloze.

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
Nechaj zaskrtnute vsetky nalezy
Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah sem skopiruj

Ahoj,
níže zasílám výpis. Nebyl nalezen žádný problém, pouze předinstalované aplikace.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-02-2019
# Duration: 00:00:16
# OS: Windows 10 Home
# Scanned: 35225
# Detected: 33

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\ProgramData\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Classes\CLSID\{518741A2-FEDB-4917-934D-28BE560D45BA}
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3BD21175-98CA-41FC-AC54-CF1E5CBA2400}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BD21175-98CA-41FC-AC54-CF1E5CBA2400}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5832D99C-C9C6-437F-861C-43ED6333956F}
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{831E75CC-DB34-4562-8EE2-B5282193313E}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Poprosim o obidva nove logy z FRST.

Zasílám opět v příloze.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Task: {1E927A07-3C5A-454C-9E0E-57F33140B06E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {26CF0F87-5B9F-4131-9ED6-27181E33C9D7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E557E97-341A-41B8-8D1F-34D29667BC30} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E5B7A8F-3AD2-462F-AA54-C7951D27370A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {31262510-DD01-4FA0-8F10-D62D26F51788} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {33DEDE63-AF2B-46F3-8E48-B13B369CF7DB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5469B8B6-54CC-439D-89AD-2AF7B435E91F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {85551388-E3B8-4561-9F61-D1DA670D78B7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A2B647DB-0272-4198-A03B-8F3C8004485C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {A4C000AB-5530-46C3-B521-997DDE638A57} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C392357B-D49D-48EF-A6EA-760CA227E5A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C49DBC36-88E6-4653-8CAE-295B7D837E82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-501826139-2012490160-4225290962-1001 -> DefaultScope {369A650A-B087-4C98-A0B0-6B89EBCAC80A} URL = 
2019-12-03 22:11 - 2019-12-03 22:11 - 000000000 ____D C:\Users\Bodie\Desktop\FRST-OlderVersion

CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Provedeno, zasílám log. Ne vše se očividně udělalo.

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2019 01
Ran by Bodie (05-12-2019 07:16:07) Run:1
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Task: {1E927A07-3C5A-454C-9E0E-57F33140B06E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {26CF0F87-5B9F-4131-9ED6-27181E33C9D7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E557E97-341A-41B8-8D1F-34D29667BC30} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {2E5B7A8F-3AD2-462F-AA54-C7951D27370A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {31262510-DD01-4FA0-8F10-D62D26F51788} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {33DEDE63-AF2B-46F3-8E48-B13B369CF7DB} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5469B8B6-54CC-439D-89AD-2AF7B435E91F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {85551388-E3B8-4561-9F61-D1DA670D78B7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A2B647DB-0272-4198-A03B-8F3C8004485C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {A4C000AB-5530-46C3-B521-997DDE638A57} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C392357B-D49D-48EF-A6EA-760CA227E5A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
Task: {C49DBC36-88E6-4653-8CAE-295B7D837E82} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-04] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-501826139-2012490160-4225290962-1001 -> DefaultScope {369A650A-B087-4C98-A0B0-6B89EBCAC80A} URL =
2019-12-03 22:11 - 2019-12-03 22:11 - 000000000 ____D C:\Users\Bodie\Desktop\FRST-OlderVersion

CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 1607
Average :
Sum : 811414571
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected

========= RD /S /Q "%WinDir%\System32\GroupPolicyUsers" =========

Syst‚m nem…§e nal‚zt uvedeně soubor.

========= End of CMD: =========

========= RD /S /Q "%WinDir%\System32\GroupPolicy" =========

Syst‚m nem…§e nal‚zt uvedeně soubor.

========= End of CMD: =========

========= gpupdate /force =========

Updating policy...

Computer Policy update has completed successfully.

User Policy update has completed successfully.

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E927A07-3C5A-454C-9E0E-57F33140B06E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E927A07-3C5A-454C-9E0E-57F33140B06E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Win10 S Mode event listener created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26CF0F87-5B9F-4131-9ED6-27181E33C9D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26CF0F87-5B9F-4131-9ED6-27181E33C9D7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #3 created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E557E97-341A-41B8-8D1F-34D29667BC30}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E557E97-341A-41B8-8D1F-34D29667BC30}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushLaunch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E5B7A8F-3AD2-462F-AA54-C7951D27370A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E5B7A8F-3AD2-462F-AA54-C7951D27370A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #2 created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30662AB7-9D2D-4E9A-B0DB-7DD0F0944E5A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\OS Edition Upgrade event listener created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31262510-DD01-4FA0-8F10-D62D26F51788}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31262510-DD01-4FA0-8F10-D62D26F51788}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushRenewal" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33DEDE63-AF2B-46F3-8E48-B13B369CF7DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33DEDE63-AF2B-46F3-8E48-B13B369CF7DB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by server" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5469B8B6-54CC-439D-89AD-2AF7B435E91F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5469B8B6-54CC-439D-89AD-2AF7B435E91F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule created by enrollment client for renewal of certificate warning" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85551388-E3B8-4561-9F61-D1DA670D78B7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85551388-E3B8-4561-9F61-D1DA670D78B7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule to run OMADMClient by client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A2B647DB-0272-4198-A03B-8F3C8004485C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A2B647DB-0272-4198-A03B-8F3C8004485C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Provisioning initiated session" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4C000AB-5530-46C3-B521-997DDE638A57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4C000AB-5530-46C3-B521-997DDE638A57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\PushUpgrade" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C392357B-D49D-48EF-A6EA-760CA227E5A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C392357B-D49D-48EF-A6EA-760CA227E5A0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Passport for Work alert created by enrollment client" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C49DBC36-88E6-4653-8CAE-295B7D837E82}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C49DBC36-88E6-4653-8CAE-295B7D837E82}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\6FE31862-BD7D-497A-9130-418B0081588A\Schedule #1 created by enrollment client" => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-501826139-2012490160-4225290962-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
C:\Users\Bodie\Desktop\FRST-OlderVersion => moved successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-501826139-2012490160-4225290962-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 523188443 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 17195049 B
Edge => 571837 B
Chrome => 0 B
Firefox => 1226761586 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3701004 B
systemprofile32 => 3701004 B
LocalService => 3701004 B
NetworkService => 3908188 B
Bodie => 13081492 B

RecycleBin => 156787 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-12-2019 07:19:32)

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully

==== End of Fixlog 07:19:33 ====

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

CMD: RD /S /Q "%WinDir%\System32\GroupPolicyUsers"
CMD: RD /S /Q "%WinDir%\System32\GroupPolicy"
CMD: gpupdate /force

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Nasledne poprosim aj o obidva nove logy z FRST

Všechny tři logy zasílám v příloze.
Zkoušel jsem složku GroupPolicy i GroupPolicyUsers vyhledat, ale nikde jsem je nenašel.

Logy uz vyzeraju OK, nastavenia Group Policy boli resetovane. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

Vypadá to beze změny - při snaze zkontrolovat soubor přes Defender - pravé tlačítko a Zkontrolovat..., tak naskočí hláška "Stránka není k dispozici, Váš IT správce omezil přístup..."
A při cestě Start - Nastavení - Aktualizace a zabezpečení - Zabezpečení Windows - není zobrazeno nic z nabídky, vypadá to, jako by byl Defender neaktivní.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center|UILockdown

End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Provedeno, chování pořád stejné.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-12-2019
Ran by Bodie (07-12-2019 10:53:36) Run:3
Running from C:\Users\Bodie\Desktop
Loaded Profiles: Bodie (Available Profiles: Bodie)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center|UILockdown

End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center" => not found

=== End of ExportKey ===
"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\\UILockdown" => not found

The system needed a reboot.

==== End of Fixlog 10:53:45 ====

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
```
Start
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft
End
```
Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Pockaj na dokoncenie
Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Poprosim aj o obidva nove logy z FRST a screenshot z chybovej hlasky, ktora sa vyskytuje.

Provedeno, zasílám vše v příloze.

Info_screen je v případě, že na soubor kliknu pravým tpačítkem a pokusím se spustit kontrolu přes Defender.

Info_screen2 je nabídka přes start / nastavení / aktualizace a zabezpečení / Zabezpečení windows. Po kliknutí na spustit se dostávám na stejnou obrazovku jako v předchozím případě.

Info_screen3 je pokud na první obrazovce najedu do nastavení / Spravovat poskytovatele.

Ještě jsem se díval a Defender nikde nevidím, tedy v Program FIles je složka Windows Defender s určitými soubory, ale není zde správný spustitelný soubor, v ovládacích panelech defender není, přes nabídku Start nejde najít,...

VIRY.CZ

Prosím o preventivní kontrolu logu kvůli blokaci defenderu

Prosím o preventivní kontrolu logu kvůli blokaci defenderu

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende

Re: Prosím o preventivní kontrolu logu kvůli blokaci defende