
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
vyskakujicici okna z chrome prohlizece
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
vyskakujicici okna z chrome prohlizece
Dobry den,
k brouzdani pouzivam CHRome a obcas se mi stane ze vyskoci reklama na nejaky clanek v externim okne,. Je mozne to nejak zrusit??Diky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Dell_tatka (06-01-2020 10:12:31)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{09EBA353-2051-4324-9D8E-24BB961FBCFC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.9 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2020 09:24:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/06/2020 07:49:41 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 24920; požadovaná velikost: 33592.
Error: (01/06/2020 07:06:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13260,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/06/2020 06:02:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12132,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/05/2020 02:33:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/05/2020 02:29:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.18362.1, časové razítko: 0x4539d5a0
Název chybujícího modulu: RasMediaManager.dll, verze: 10.0.18362.1, časové razítko: 0xbdd09b8e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000051d1
ID chybujícího procesu: 0x258
Čas spuštění chybující aplikace: 0x01d5c3cbf6a14706
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\Windows\System32\RasMediaManager.dll
ID zprávy: 6b7b6612-0345-4c11-b307-e662fe8dd7c7
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: runtimebroker07f4358a809ac99a64a67c1
Error: (01/05/2020 02:27:56 PM) (Source: NSSDK.CprMfpif.1) (EventID: 8226) (User: )
Description: Event-ID 8226
Error: (01/05/2020 02:27:52 PM) (Source: NSSDK.MfpifValidator.1) (EventID: 8226) (User: )
Description: IP 192.168.1.199 cannot be reached on the network. (0x8215110b)
System errors:
=============
Error: (01/06/2020 05:54:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_433971a byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/05/2020 02:27:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_413d7b6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/05/2020 08:39:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_3fa6215 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
CodeIntegrity:
===================================
Date: 2020-01-06 07:03:11.904
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-06 07:03:11.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-06 05:54:51.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-05 08:40:18.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:56:18.132
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:56:18.123
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:55:49.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-03 08:15:45.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16254.29 MB
Available physical RAM: 11003.26 MB
Total Virtual: 18686.29 MB
Available Virtual: 12822.15 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.9 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS
\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (06-01-2020 10:11:32)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-30] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {3983B469-D165-4245-B5BC-CE57C1E6CF62} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-06]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-12-27] (Dell Inc. -> )
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-06 10:11 - 2020-01-06 10:12 - 000032531 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-06 10:10 - 2020-01-06 10:11 - 000000000 ____D C:\FRST
2020-01-06 10:09 - 2020-01-06 10:09 - 002272256 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019
2019-12-12 05:55 - 2019-12-12 05:55 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 11:22 - 2019-12-11 11:22 - 000000191 _____ C:\Users\Dell_tatka\Downloads\Katerina-Kupcikova.vcf
2019-12-10 07:51 - 2019-12-10 07:51 - 000000142 _____ C:\Users\Dell_tatka\Downloads\stream (46).m3u
2019-12-10 07:42 - 2019-12-10 07:42 - 000000144 _____ C:\Users\Dell_tatka\Downloads\stream (45).m3u
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-06 10:10 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-06 10:00 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-06 09:35 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 08:35 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-06 07:30 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-06 06:57 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-06 05:54 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-05 14:43 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-05 08:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-04 08:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-02 10:38 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-30 10:19 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2019-12-27 09:30 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-27 09:30 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-27 09:30 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-27 09:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-27 09:23 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-27 09:23 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 07:42 - 2019-07-26 06:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 07:42 - 2019-07-26 06:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 06:18 - 2018-01-19 15:32 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-13 05:16 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 05:16 - 2017-10-12 04:36 - 000000000 ___RD C:\Users\Dell_tatka\3D Objects
2019-12-13 05:16 - 2016-01-07 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 06:01 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 05:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 05:58 - 2016-03-04 17:09 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-10 08:09 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
k brouzdani pouzivam CHRome a obcas se mi stane ze vyskoci reklama na nejaky clanek v externim okne,. Je mozne to nejak zrusit??Diky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Dell_tatka (06-01-2020 10:12:31)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{09EBA353-2051-4324-9D8E-24BB961FBCFC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.9 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2020 09:24:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/06/2020 07:49:41 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 24920; požadovaná velikost: 33592.
Error: (01/06/2020 07:06:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13260,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/06/2020 06:02:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12132,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/05/2020 02:33:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/05/2020 02:29:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.18362.1, časové razítko: 0x4539d5a0
Název chybujícího modulu: RasMediaManager.dll, verze: 10.0.18362.1, časové razítko: 0xbdd09b8e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000051d1
ID chybujícího procesu: 0x258
Čas spuštění chybující aplikace: 0x01d5c3cbf6a14706
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\Windows\System32\RasMediaManager.dll
ID zprávy: 6b7b6612-0345-4c11-b307-e662fe8dd7c7
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: runtimebroker07f4358a809ac99a64a67c1
Error: (01/05/2020 02:27:56 PM) (Source: NSSDK.CprMfpif.1) (EventID: 8226) (User: )
Description: Event-ID 8226
Error: (01/05/2020 02:27:52 PM) (Source: NSSDK.MfpifValidator.1) (EventID: 8226) (User: )
Description: IP 192.168.1.199 cannot be reached on the network. (0x8215110b)
System errors:
=============
Error: (01/06/2020 05:54:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_433971a byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/05/2020 02:27:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_413d7b6 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/05/2020 08:39:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_3fa6215 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
CodeIntegrity:
===================================
Date: 2020-01-06 07:03:11.904
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-06 07:03:11.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-06 05:54:51.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-05 08:40:18.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:56:18.132
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:56:18.123
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-04 08:55:49.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-03 08:15:45.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16254.29 MB
Available physical RAM: 11003.26 MB
Total Virtual: 18686.29 MB
Available Virtual: 12822.15 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.9 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS
\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (06-01-2020 10:11:32)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-30] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {3983B469-D165-4245-B5BC-CE57C1E6CF62} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-06]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-12-27] (Dell Inc. -> )
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-06 10:11 - 2020-01-06 10:12 - 000032531 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-06 10:10 - 2020-01-06 10:11 - 000000000 ____D C:\FRST
2020-01-06 10:09 - 2020-01-06 10:09 - 002272256 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019
2019-12-12 05:55 - 2019-12-12 05:55 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 11:22 - 2019-12-11 11:22 - 000000191 _____ C:\Users\Dell_tatka\Downloads\Katerina-Kupcikova.vcf
2019-12-10 07:51 - 2019-12-10 07:51 - 000000142 _____ C:\Users\Dell_tatka\Downloads\stream (46).m3u
2019-12-10 07:42 - 2019-12-10 07:42 - 000000144 _____ C:\Users\Dell_tatka\Downloads\stream (45).m3u
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-06 10:10 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-06 10:00 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-06 09:35 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 08:35 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-06 07:30 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-06 06:57 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-06 05:54 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-05 14:43 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-05 08:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-04 08:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-02 10:38 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-30 10:19 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2019-12-27 09:30 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-27 09:30 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-27 09:30 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-27 09:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-27 09:23 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-27 09:23 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 07:42 - 2019-07-26 06:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 07:42 - 2019-07-26 06:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 06:18 - 2018-01-19 15:32 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-13 05:16 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 05:16 - 2017-10-12 04:36 - 000000000 ___RD C:\Users\Dell_tatka\3D Objects
2019-12-13 05:16 - 2016-01-07 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 06:01 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 05:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 05:58 - 2016-03-04 17:09 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-10 08:09 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
Dobrý den
dekuji za pomoc. tady je log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-07-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 34757
# Detected: 23
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\Windows\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportCenter Folder C:\Program Files\DELL SUPPORT CENTER
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows
Preinstalled.LenovoThinkVantageToolbox Task C:\Windows\System32\Tasks\PCDOCTORBACKGROUNDMONITORTASK
Preinstalled.MyDell Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
dekuji za pomoc. tady je log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-07-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 34757
# Detected: 23
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\Windows\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportCenter Folder C:\Program Files\DELL SUPPORT CENTER
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows
Preinstalled.LenovoThinkVantageToolbox Task C:\Windows\System32\Tasks\PCDOCTORBACKGROUNDMONITORTASK
Preinstalled.MyDell Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Nalezené položky smažte, restartujte PC a dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
Zdravim a posilam
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by Dell_tatka (18-01-2020 10:06:49)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PDP 2020.01 (HKLM-x32\...\Podnikový a domácí právník 2020_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000006144 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\discoveryps.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000786944 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SNMPSvcs.dll
2011-12-15 16:57 - 2011-12-15 16:57 - 000310784 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ValMgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{B1A04FD5-CD24-4A48-9CCC-FD9086925FFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.12 GB) (5%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/18/2020 10:04:16 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 30648; požadovaná velikost: 31384.
Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7932 ms
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7918 ms
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/18/2020 09:25:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3848,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 11:45:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 10:44:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5092,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/18/2020 10:05:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Digital Delivery Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/18/2020 10:05:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Customer Connect neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/18/2020 10:03:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_54acd byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).
Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (01/18/2020 10:03:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
CodeIntegrity:
===================================
Date: 2020-01-18 10:06:57.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:06:57.816
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:05:57.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 09:14:48.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 08:11:58.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 08:11:58.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 05:57:41.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-17 05:57:41.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16254.29 MB
Available physical RAM: 11728.86 MB
Total Virtual: 18686.29 MB
Available Virtual: 14086.54 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS
\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (18-01-2020 10:05:41)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
S2 Dell Customer Connect; "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" [X]
S2 DellDigitalDelivery; "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:05 - 2020-01-18 10:06 - 000030550 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-18 10:05 - 2020-01-18 10:05 - 002573312 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 008237744 _____ (Malwarebytes) C:\Users\Dell_tatka\Desktop\adwcleaner_8.0.1.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup (1).exe
2020-01-17 09:06 - 2020-01-17 09:06 - 000920350 _____ C:\Users\Dell_tatka\Downloads\Geometrický plán č. 7157_63-2018.pdf
2020-01-17 09:04 - 2020-01-17 09:04 - 000026734 _____ C:\Users\Dell_tatka\Downloads\Podmínky prodeje - Kroměříž.pdf
2020-01-16 09:56 - 2020-01-16 09:56 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:51 - 2020-01-16 09:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:51 - 2020-01-16 09:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-12 17:23 - 2020-01-12 17:23 - 000042134 _____ C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz.html
2020-01-12 17:23 - 2020-01-12 17:23 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz_files
2020-01-12 16:56 - 2020-01-12 16:56 - 000025591 _____ C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz.html
2020-01-12 16:56 - 2020-01-12 16:56 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz_files
2020-01-12 07:51 - 2020-01-12 07:51 - 000003335 _____ C:\Users\Dell_tatka\Downloads\doklady (4).txt
2020-01-10 13:16 - 2020-01-10 13:16 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054 (1).pdf
2020-01-10 13:16 - 2020-01-10 13:16 - 008666067 _____ C:\Users\Dell_tatka\Downloads\DV_190056.pdf
2020-01-10 13:14 - 2020-01-10 13:14 - 001052755 _____ C:\Users\Dell_tatka\Downloads\DV_200001.pdf
2020-01-10 13:12 - 2020-01-10 13:12 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054.pdf
2020-01-10 12:39 - 2020-01-10 12:39 - 000394312 _____ C:\Users\Dell_tatka\Downloads\studie_vymetal_blacklisting.pdf
2020-01-09 09:20 - 2020-01-09 09:20 - 000001260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Podnikový a domácí právník 2020.lnk
2020-01-09 09:20 - 2020-01-09 09:20 - 000001248 _____ C:\Users\Public\Desktop\Podnikový a domácí právník 2020.lnk
2020-01-09 09:18 - 2020-01-09 09:18 - 000000000 ____D C:\Program Files (x86)\LEGIS
2020-01-07 08:21 - 2020-01-07 08:21 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup.exe
2020-01-06 10:10 - 2020-01-18 10:06 - 000000000 ____D C:\FRST
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-18 10:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 10:03 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 10:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:03 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-18 10:03 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-18 10:03 - 2016-03-04 15:21 - 000000000 ____D C:\Program Files (x86)\Dell
2020-01-18 10:03 - 2016-01-07 10:37 - 000000000 ____D C:\WINDOWS\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\Program Files\Dell
2020-01-18 10:03 - 2016-01-07 10:08 - 000000000 ____D C:\ProgramData\Dell
2020-01-18 09:46 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-18 09:22 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-17 12:14 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-17 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 06:02 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-17 06:02 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-17 06:02 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-17 06:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-17 05:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-17 05:54 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 10:00 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:58 - 2016-03-04 17:09 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 09:48 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-16 08:40 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-16 06:20 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-14 08:29 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2020-01-14 06:22 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc
2020-01-07 08:22 - 2017-03-22 10:25 - 000000000 ____D C:\AdwCleaner
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by Dell_tatka (18-01-2020 10:06:49)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PDP 2020.01 (HKLM-x32\...\Podnikový a domácí právník 2020_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000006144 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\discoveryps.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000786944 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SNMPSvcs.dll
2011-12-15 16:57 - 2011-12-15 16:57 - 000310784 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ValMgr.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{B1A04FD5-CD24-4A48-9CCC-FD9086925FFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.12 GB) (5%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/18/2020 10:04:16 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 30648; požadovaná velikost: 31384.
Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7932 ms
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7918 ms
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:
DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/18/2020 09:25:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3848,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 11:45:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/17/2020 10:44:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5092,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/18/2020 10:05:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Digital Delivery Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/18/2020 10:05:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Customer Connect neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (01/18/2020 10:03:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_54acd byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).
Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (01/18/2020 10:03:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0
CodeIntegrity:
===================================
Date: 2020-01-18 10:06:57.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:06:57.816
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-18 10:05:57.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-18 09:14:48.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 08:11:58.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 08:11:58.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-17 05:57:41.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-17 05:57:41.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16254.29 MB
Available physical RAM: 11728.86 MB
Total Virtual: 18686.29 MB
Available Virtual: 14086.54 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS
\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (18-01-2020 10:05:41)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
S2 Dell Customer Connect; "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" [X]
S2 DellDigitalDelivery; "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:05 - 2020-01-18 10:06 - 000030550 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-18 10:05 - 2020-01-18 10:05 - 002573312 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 008237744 _____ (Malwarebytes) C:\Users\Dell_tatka\Desktop\adwcleaner_8.0.1.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup (1).exe
2020-01-17 09:06 - 2020-01-17 09:06 - 000920350 _____ C:\Users\Dell_tatka\Downloads\Geometrický plán č. 7157_63-2018.pdf
2020-01-17 09:04 - 2020-01-17 09:04 - 000026734 _____ C:\Users\Dell_tatka\Downloads\Podmínky prodeje - Kroměříž.pdf
2020-01-16 09:56 - 2020-01-16 09:56 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:51 - 2020-01-16 09:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:51 - 2020-01-16 09:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-12 17:23 - 2020-01-12 17:23 - 000042134 _____ C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz.html
2020-01-12 17:23 - 2020-01-12 17:23 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz_files
2020-01-12 16:56 - 2020-01-12 16:56 - 000025591 _____ C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz.html
2020-01-12 16:56 - 2020-01-12 16:56 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz_files
2020-01-12 07:51 - 2020-01-12 07:51 - 000003335 _____ C:\Users\Dell_tatka\Downloads\doklady (4).txt
2020-01-10 13:16 - 2020-01-10 13:16 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054 (1).pdf
2020-01-10 13:16 - 2020-01-10 13:16 - 008666067 _____ C:\Users\Dell_tatka\Downloads\DV_190056.pdf
2020-01-10 13:14 - 2020-01-10 13:14 - 001052755 _____ C:\Users\Dell_tatka\Downloads\DV_200001.pdf
2020-01-10 13:12 - 2020-01-10 13:12 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054.pdf
2020-01-10 12:39 - 2020-01-10 12:39 - 000394312 _____ C:\Users\Dell_tatka\Downloads\studie_vymetal_blacklisting.pdf
2020-01-09 09:20 - 2020-01-09 09:20 - 000001260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Podnikový a domácí právník 2020.lnk
2020-01-09 09:20 - 2020-01-09 09:20 - 000001248 _____ C:\Users\Public\Desktop\Podnikový a domácí právník 2020.lnk
2020-01-09 09:18 - 2020-01-09 09:18 - 000000000 ____D C:\Program Files (x86)\LEGIS
2020-01-07 08:21 - 2020-01-07 08:21 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup.exe
2020-01-06 10:10 - 2020-01-18 10:06 - 000000000 ____D C:\FRST
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-18 10:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-18 10:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 10:03 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 10:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:03 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-18 10:03 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-18 10:03 - 2016-03-04 15:21 - 000000000 ____D C:\Program Files (x86)\Dell
2020-01-18 10:03 - 2016-01-07 10:37 - 000000000 ____D C:\WINDOWS\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\Program Files\Dell
2020-01-18 10:03 - 2016-01-07 10:08 - 000000000 ____D C:\ProgramData\Dell
2020-01-18 09:46 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-18 09:22 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-17 12:14 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-17 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 06:02 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-17 06:02 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-17 06:02 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-17 06:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-17 05:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-17 05:54 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 10:00 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:58 - 2016-03-04 17:09 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 09:48 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-16 08:40 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-16 06:20 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-14 08:29 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2020-01-14 06:22 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc
2020-01-07 08:22 - 2017-03-22 10:25 - 000000000 ____D C:\AdwCleaner
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
C:\Program Files\KMSpico
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
zdravim
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Dell_tatka (19-01-2020 08:49:08) Run:1
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
C:\Program Files\KMSpico
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
EmptyTemp:
End
*****************
CloseProesses: => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95423BA3-EF06-4AEC-8800-D51CD361E06A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17317716-F47E-489E-AEF9-958155AA5BAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66ACB363-159C-4C7D-8AA3-913FDF06AA17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC9908B4-A5DA-410E-96BE-66A52896A7AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
C:\Program Files\KMSpico => moved successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e6b3076-f1f5-11e7-9c26-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc29b-ba5a-11e9-9c71-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc481-ba5a-11e9-9c71-e094678fa420} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7CAC1BE-A819-461E-B11A-76C0E8014707} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140053435 B
Java, Flash, Steam htmlcache => 863 B
Windows/system/drivers => 2365436 B
Edge => 11639201 B
Chrome => 473728125 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 105576 B
NetworkService => 107168 B
Dell_tatka => 203084310 B
RecycleBin => 13444927 B
EmptyTemp: => 815.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 08:55:47 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Dell_tatka (19-01-2020 08:49:08) Run:1
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
C:\Program Files\KMSpico
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
EmptyTemp:
End
*****************
CloseProesses: => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95423BA3-EF06-4AEC-8800-D51CD361E06A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17317716-F47E-489E-AEF9-958155AA5BAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66ACB363-159C-4C7D-8AA3-913FDF06AA17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC9908B4-A5DA-410E-96BE-66A52896A7AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
C:\Program Files\KMSpico => moved successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e6b3076-f1f5-11e7-9c26-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc29b-ba5a-11e9-9c71-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc481-ba5a-11e9-9c71-e094678fa420} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7CAC1BE-A819-461E-B11A-76C0E8014707} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140053435 B
Java, Flash, Steam htmlcache => 863 B
Windows/system/drivers => 2365436 B
Edge => 11639201 B
Chrome => 473728125 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 105576 B
NetworkService => 107168 B
Dell_tatka => 203084310 B
RecycleBin => 13444927 B
EmptyTemp: => 815.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 08:55:47 ====
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
Zdravim.
Dekuji pomochlo. Posilam penize .Diky
Mohl bych poprosit o kontrolu logu meho pc. Obcas mi zamrzne obrazovka a po cca 5 sekundach se zase rozjede
Dekuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Michal (22-01-2020 06:30:07)
Running from C:\Users\Michal\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-02 14:23:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2709589950-1360842280-2128968388-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2709589950-1360842280-2128968388-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2709589950-1360842280-2128968388-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2709589950-1360842280-2128968388-501 - Limited - Disabled)
Michal (S-1-5-21-2709589950-1360842280-2128968388-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-2709589950-1360842280-2128968388-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
Backup and Sync from Google (HKLM\...\{7B473CF8-CE4F-4AE1-A86D-CFBDDCC85FAF}) (Version: 3.47.8667.1399 - Google, Inc.)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version: - Boris FX, Inc.)
Camera Stream Controller (HKLM-x32\...\Camera Stream Controller) (Version: 1.0.0.114 - VIVOTEK INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CyberLink ActionDirector 3 (HKLM-x32\...\{49483CD6-CB26-49EB-8C43-B0EA00927B5F}) (Version: 3.0.2219.0 - CyberLink Corp.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.2101.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
D-G Unlocker Tools v.1.0 (HKLM-x32\...\{1B0C7840-DEE7-4AE0-965D-6B3892286A68}) (Version: 1.00.0000 - D&G Unlocker)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 19.300 (20190319_12) - Solitea Česká republika, a.s.)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Firebird 2.5.9.27139 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.9.27139 - Firebird Project)
Freedome VPN (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2915.0 - F-Secure Corporation)
Freedome VPN (source) (HKLM-x32\...\{83A4BF20-6745-437C-98D8-3C4B94D174EB}) (Version: 1.16.0612 - Acer)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.32.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoPro Quik (HKLM\...\{8B7D1DD1-5CA4-4B6E-9A86-3EA9E3601DF3}) (Version: 0.1.841 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{f1aab631-23ee-456b-a5ef-6e4d9d638068}) (Version: 2.6.2.841 - GoPro, Inc.)
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) 2D Imaging Setup Wizard (HKLM\...\{ac212bd0-e091-426e-9db4-ee9c07bb0e93}) (Version: 30.10586.7035.1976 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Intel® Integrated Sensor Solution (HKLM-x32\...\{bb5db3f1-f986-40a9-8a7e-c361a35d9b90}) (Version: 3.0.30.1044 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{573398AD-0A98-44AA-9CA7-E8257F495514}) (Version: 3.0.30.1044 - Intel Corporation) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
O&O Defrag Professional (HKLM\...\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}) (Version: 19.0.87 - O&O Software GmbH)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Ontrack® EasyRecovery™ Professional for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ Professional for Windows_is1) (Version: 12.0.0.2 - Kroll Ontrack)
Open Transport Tycoon Deluxe 0.7.5 (HKLM-x32\...\Open Transport Tycoon Deluxe 0.7.5) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
PDFsam Basic (HKLM\...\{C3C9A143-931C-42FD-AAC7-26E7B5502BF8}) (Version: 4.0.4.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10245 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.212 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SHARP MFP TWAIN K Scanner Driver (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 4.01.05 - SHARP)
SHARP MX/MX-M Series PC-Fax Driver (HKLM-x32\...\SHARP MX-2310U PC-Fax Driver) (Version: 1.00.000 - SHARP)
SHARP MX/MX-M/DX Series Printer Driver (HKLM-x32\...\SHARP MX-2310U Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Služba Xperia Companion (HKLM\...\{7D8E3C78-DA8C-4BBC-86BC-6A42068EE7C2}) (Version: 1.3.2.0 - Sony) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
Synology Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: 1.4.0.080 - Synology)
TAGRA 137 (HKLM-x32\...\{AD8747CD-02E9-4900-986E-B5C05A23ABCD}) (Version: 137 - Truck Data Technology s.r.o.) Hidden
TAGRA 137 (HKLM-x32\...\TAGRA 137 137) (Version: 137 - Truck Data Technology s.r.o.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Total PDF Printer (HKLM-x32\...\Total PDF Printer_is1) (Version: - Softplicity, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{1533A6AC-7984-4EA6-9A68-23C2537D3250}) (Version: 1.2.7.56241 - Vodafone)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{34D872B2-47FB-40A4-8C3F-915EA14F2586}) (Version: 1.3.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{f494d3ac-4796-4bbd-b7a0-1873600d110d}) (Version: 1.3.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{34EC519D-F525-2154-E03D-BF10F78ECA8E}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxDTCM.dll [2019-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2709589950-1360842280-2128968388-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-09-06] (proDAD GmbH -> proDAD GmbH)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-30 16:00 - 2019-01-30 16:00 - 001106432 _____ ( Prvni certifikacni autorita, a.s.) [File not signed] C:\WINDOWS\system32\SecureStoreCore.dll
2017-01-02 17:04 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2016-07-07 09:57 - 2016-07-07 09:57 - 000035328 _____ () [File not signed] C:\Program Files (x86)\Synology\Photo Station Uploader\ShellExtHandler.dll
2017-09-22 12:07 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2017-09-22 12:07 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2017-09-22 12:07 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2017-09-22 12:07 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000114176 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ctypes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000173056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_elementtree.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001808896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_hashlib.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000032256 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_multiprocessing.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000046080 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_psutil_windows.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000047616 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_socket.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 002241024 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ssl.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026112 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_yappi.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000080896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\bz2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000016384 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\common.time34.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000007680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\hashobjs_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000301568 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\PIL._imaging.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000169472 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pyexpat.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001084416 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pysqlite2._sqlite.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000548864 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pythoncom27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137728 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pywintypes27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000010752 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\select.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\thumbnails_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000689664 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\unicodedata.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000119808 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\usb_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000128512 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32api.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000438784 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32com.shell.shell.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000011776 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32crypt.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000023040 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32event.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000149504 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32file.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000223232 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32gui.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000048128 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32inet.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000029696 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pdh.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000027648 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pipe.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000044032 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32process.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32profile.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000136192 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32security.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026624 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32ts.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000034816 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.conditional.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000038400 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.connectivity.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000071680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.device_monitor.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000109056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.volumes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.winwrap.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001325056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._controls_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001489408 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._core_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001007104 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._gdi_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000103424 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._html2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000916992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._misc_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001039872 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._windows_.pyd
2019-01-30 16:02 - 2019-01-30 16:02 - 000482304 _____ () [File not signed] C:\WINDOWS\system32\SecureStoreCspRes.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000552960 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbclient.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\ib_util.dll
2019-08-27 08:16 - 2019-06-20 10:08 - 000925696 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\intl\fbintl.DLL
2019-08-27 08:16 - 2019-06-20 10:05 - 000438272 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\plugins\fbtrace.dll
2019-01-30 11:14 - 2019-01-30 11:14 - 000944128 _____ (Free Software Foundation) [File not signed] C:\WINDOWS\system32\libiconv.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icudt30.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icuuc30.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\python27.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2016-12-16 13:44 - 2011-02-07 12:41 - 000029184 _____ (SHARP CORPORATION) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\crprproc.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2014-08-29 08:54 - 2014-08-29 08:54 - 001659904 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\WINDOWS\system32\LIBEAY32_101.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_net_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_adv_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_core_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_html_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\OEM:{6D006200-5200-6F00-5700-6F0061003900} [664]
AlternateDataStreams: C:\ProgramData\TEMP:24C8262A [121]
AlternateDataStreams: C:\Users\Michal\Documents\Nová složka:{6D006200-5200-6F00-5700-6F0061003900} [664]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2018-05-15 05:33 - 000000887 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\Pictures\bear.jpg
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "WinSat"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E3AF2B2B-8145-453B-8C43-EFB79393F1A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55861F68-BDF0-4EEB-8F84-C54689933DA1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7181DE29-3845-4522-8A7C-2CF5F2AF58AD}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{A1B87635-EC33-45AB-A3B8-01A3B4716F79}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{ADF76EA7-DAD0-4A4D-AE45-44BBED4C32FB}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{D5BB6F63-AC13-49EE-8259-C2487031E6F7}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [{14789CD3-EFDC-459F-827D-F35A8BE3A3CF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{24D6F23D-D4A2-4B7F-BB02-6609EBC49558}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{0074F479-821A-469E-810C-C2854D187BF3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{7BF08C4C-6621-4639-B3BF-2CE7B100D35C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [UDP Query User{6D56B91E-0F80-4D4A-A89B-E2D78F96450E}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{2ACAAC43-2FC2-43F6-A562-E3EF041BFA25}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{02943FDD-0932-4DE0-80ED-777151950726}] => (Block) %ProgramFiles% (x86)\Ontrack\EasyRecovery\OntrackEasyRecoveryforWindows.exe No File
FirewallRules: [{4E818203-4858-4413-94D2-B86AE43784A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{2EECF095-B604-47AB-A281-B9AC7DBB26E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{78F61F06-49B4-4CEE-974E-968ED7E5B53A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [{14C8FA55-CCAF-4319-8F53-DF883B7A7C98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [UDP Query User{441E5441-DF25-4D1E-80B5-EBCC8B240881}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E0BA4DC5-64C3-4FD0-9BAA-6DC343789112}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{670FEB18-F9BC-40BB-9EF9-55317F31E651}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A5373FCE-75A6-4D4B-A7CC-F2D89351B796}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [{82F46973-46FD-4A60-A0F2-53885339D3FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{225914F4-93E7-4B3F-A965-AE6605A0B219}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9E6AEFE-B24B-48ED-A0D4-60C67F7A2C1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B6E2EA6-4082-448B-ABAF-23FAA6AF784D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{47D11E2C-1444-438E-8D7B-E5FDD1B31B98}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [TCP Query User{85183841-7B89-4ECD-9E29-C7F1A24F398E}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [{983017BE-4068-4E6D-BF85-5BF934651B92}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96B95ECC-3E1F-4507-8ADA-340459D63CFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{713D7167-4CD3-4053-B7D8-7EB96AB18B3E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{7071ED03-9CA0-442F-8182-3E8F20D924C1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{AC91C1E6-0FF9-4994-95FD-6BC983E6C2A2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8F0059E3-1F25-47E8-B5D7-3958643B4EF0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{5D8654AC-AA0D-4C65-99FA-D6949912D6B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{24D148C9-2BAF-4726-A62D-1331570879BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [TCP Query User{AFDDAFC6-2DFA-414E-B1AD-CBA55D33CB6C}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{8E618919-F764-4C7F-A098-A212E7EE41CA}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{9049F9E8-C289-4A66-98A0-1FAA0156BDF4}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B31D62C6-249A-4662-999F-ACAFD6FC6496}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{6867770C-6CDE-4E49-A59C-EC53C0A39D99}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [UDP Query User{6FBECDF5-F86F-4A52-AABF-F3A62E58918D}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{67ECED66-0FE0-4C2E-BEEB-B85037C54D8A}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [TCP Query User{65776CE7-162A-476F-9010-C6FC96769FD3}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{0C02A2E6-3392-41EE-8908-01F62923A88E}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{C7567B0F-1496-4584-BE84-3C5DAC8C5F22}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{11B79E69-C71A-4E58-9DEF-B7BF7FA7FE89}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{F376D13E-5B03-44A4-A711-4068A5B0768F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{818D271F-5A9F-4E91-A7F6-B557D12BD6B1}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B8553B82-F9E1-45EB-965B-BDF49830E2DD}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{3D897D9D-05F6-40B0-91ED-51A13648C129}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [UDP Query User{3B8A569F-2E7E-45F8-A2AB-F8152276074E}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A2566036-A34E-46F5-A04A-553032264A95}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{EC8A2355-408C-4B33-A3C7-04E58582D2C7}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{E9111D54-C349-46B5-833D-5B5F13D9C6DF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{091CD5ED-6754-4A2F-AABA-F8B61138AB1E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFAB0A0C-0EAA-4F44-90F7-2C26BDDE3F2F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{54C133D9-F324-4CA8-ADD7-99A868B16196}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{4599629E-B390-4A25-BC3D-5A7531F388DF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{D2974607-BB01-4F5E-A036-997C38BF4520}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{542101AA-3B96-42C5-8902-76D8694FD319}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9372A9C9-DBC4-46F7-A95B-B190694D3EE6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FE09E51-2C92-4AB7-85B2-240F97F5AE12}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0C465DE5-4D60-47A3-9F2F-24FF6F7BF640}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67A8759C-0841-4764-A92A-A2187D7EF857}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F818AB4D-F2FA-4E3D-8FC1-FF14F364DF52}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFDDC46E-B4E0-4B85-8973-567EB732DC21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D31E743-D1B6-49E6-9683-81A7668A5C07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D3B3A5C3-A18D-43FE-A006-41FABCD380E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CFD29B5-392A-4361-825D-EED97B19DE33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{729DADFF-C490-43E6-8852-BCEF2E94B7FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F2E70540-0066-4AE6-9EB5-9EDF654E228C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7181734-735E-48BD-9F1C-CF0B46932626}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{90B0A9D2-EF97-45A8-8FFD-F26BC480351F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5452DCF8-33E0-4DC3-BB61-62F44E3697BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
01-01-2020 11:45:34 Naplánovaný kontrolní bod
09-01-2020 08:13:32 Naplánovaný kontrolní bod
17-01-2020 07:05:56 Naplánovaný kontrolní bod
21-01-2020 13:34:40 Installed TAGRA 137
==================== Faulty Device Manager Devices ============
Name: Citron Hands-Free HF
Description: Role Handsfree pro hands-free profil Microsoft Bluetooth
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 06:13:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (64760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/22/2020 06:09:05 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHAL)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.
Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]
Error: (01/21/2020 03:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5
Error: (01/21/2020 03:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5
Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.
Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]
System errors:
=============
Error: (01/22/2020 06:05:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_36ff388 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/21/2020 04:32:11 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL)
Description: Server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2020 01:00:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_23f1904 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/20/2020 10:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/20/2020 10:11:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_8fc05 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).
Error: (01/20/2020 06:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-01-22 06:05:31.564
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.560
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.541
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.309
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.306
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.02 06/17/2016
Motherboard: Acer Hawaii
Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 8072.91 MB
Available physical RAM: 4214.63 MB
Total Virtual: 9352.91 MB
Available Virtual: 5182.66 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:192.57 GB) NTFS
\\?\Volume{727208f8-994f-4a0b-a32f-3f87b4511309}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{0a955655-14a2-47b1-8d6c-1f62e8762783}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 947150D8)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Michal (administrator) on MICHAL (Acer Switch SA5-271P) (22-01-2020 06:28:50)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: defaultuser0 & Michal)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files\Cyberlink\PowerDirector16\PDRStyleAgent.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Pub\PubMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sharp Corporation) C:\Windows\System32\spool\drivers\x64\3\SS0ILMSW.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) [File not signed] C:\Windows\System32\spool\drivers\x64\3\SN0XRCV.exe
(Sony Mobile Communications AB -> Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [224000 2017-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SN0XRCV] => C:\Windows\system32\spool\drivers\x64\3\SN0XRCV.exe [102400 2016-12-16] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-11] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-12-13] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {7ba8ff7d-decb-11e9-89b5-94e979547538} - "D:\Bolt.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {92b85ded-022b-11ea-89b8-94e979547538} - "D:\SetupVMB.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231b02-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231bc9-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {d46ee352-3b64-11ea-89c5-94e979547538} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B405E-A6D4-4F15-A63A-1A4A7410CBA0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {03311A20-87F3-427C-AC17-00785EED2C45} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {07E13DE4-DAF8-440C-9FBB-912915937A4A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {0C7C2645-C9A8-467B-A4DB-E122280E4DB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {12C486F2-4E8E-4665-BEF6-5FC6A7EB4F61} - System32\Tasks\CareCenter\SN02IPRW_Reg_HKLMRun => C:\Windows\SysWOW64\SN02SELC.exe [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
Task: {19E8734B-123C-49D3-8909-8018B9326DB5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {1B4728FD-3F79-4753-95C7-ECDD54CCCD23} - System32\Tasks\OInstall => C:\WINDOWS\OInstall.exe [8757880 2016-04-29] (WZT -> ) [File not signed]
Task: {20B4ADE5-7B6F-4221-8C17-19854113DFE0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {22F240EC-A38C-45C9-9429-BB3243C96737} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {36928D40-161E-4692-AD2F-65CED272EE97} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {3741F58F-2FB0-41E7-81DC-B8EAD6F0EAD1} - System32\Tasks\CareCenter\IndexTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {3B770E54-8450-474F-B16D-F4F26B1E6068} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CEEDF75-434C-423D-80B7-E4D2039F7118} - System32\Tasks\CareCenter\RtHDVBg_TrueHarmony_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {50DE449B-12E4-49D3-B58D-9D903CE5AEAD} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {621CA8BE-5494-41E1-ACF5-907FFD12BFD2} - System32\Tasks\CareCenter\Windows Mobile Device Center_Reg_HKLMRun => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {62307D36-81D1-4E28-92BD-A9EEEA151AAF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> )
Task: {6C0B57CE-96C6-4ADF-8C60-451F6A416F3B} - System32\Tasks\CareCenter\ICAMaintenance_ICAPKIService_RegKeysRefresh_Reg_HKLMWow6432Run => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
Task: {6CCFEB7E-1B0E-4051-A14C-B3BF21E352B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {6FEF2431-F2C4-4EE8-9A98-0ED5BEBF2A42} - System32\Tasks\CareCenter\GoogleDriveSync_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\Google\Drive\googledrivesync.exe [47773264 2019-12-22] (Google LLC -> )
Task: {7837058E-43A5-4E85-8163-1F9A2F6F3A23} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-06-25] (Acer Incorporated -> )
Task: {78DB8AEF-B8F4-45C7-B9C1-E151B4DE60CC} - System32\Tasks\CareCenter\FtpServer.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
Task: {7F3B1CFB-56F4-465F-B286-0099E8660008} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {8033804A-256B-4C30-9C1C-EE0CB3F5E758} - System32\Tasks\CareCenter\O&O Defrag Tray.lnk_FolderCommonAppdata => C:\WINDOWS\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico [292878 2017-10-23] () [File not signed]
Task: {94AE4D09-116E-4A24-90F1-EC4828FCEE6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74B0201-423A-484D-B669-09EFB3BF5AAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C588CC-7AB6-4E05-A3CF-46896DB80D23} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC874F26-D23B-43B8-ABB2-46E3DB412019} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {B32F573F-41AF-4778-8606-F451709C5985} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B35E5F53-EBF5-4DAB-8E59-043375F27CD7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {BE1567DA-5957-4BC2-B956-C0E0860D7C4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {C44FB0A0-A680-45AC-BE34-E6FBACB2158D} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CA687DFD-2395-4A0F-80FF-5A11376D3B41} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {CCEF86E7-2497-4865-932C-F2283830F7A4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D96ACEE2-5A0C-41E2-BCCE-1857C83EC779} - System32\Tasks\CareCenter\CCleaner Monitoring_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {D970A157-D24B-4349-8993-E574FC6C89F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE9DC1CD-42F8-4031-A4F1-F237431EA743} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E60CC02C-07B3-4242-877C-9235E04355E8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E926C6E1-948A-48EE-B450-F89760F06F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F5ED5AAF-68EA-4D2E-ADCC-CDC157461152} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-06-25] (Acer Incorporated -> )
Task: {F8AB4192-E0E3-4690-B40F-E31AEBEB8C69} - System32\Tasks\CareCenter\SharpTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {FD0A9F01-531F-4FE9-94C6-9551F07012E8} - System32\Tasks\Driver Booster SkipUAC (Michal) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-11-14] (IObit Information Technology -> IObit)
Task: {FEC749CF-0AA9-4EA8-A02A-473ED3C7208B} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [99608 2018-04-18] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{259d4b7e-9fbb-4d1a-ae02-90094bca3429}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{3070c0c4-916b-4215-86ab-a0994c786b6b}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{bdc447da-4394-4fc9-ac32-db2dbc6e2d54}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{c1d62724-acfb-4864-8f71-d7f2e1e8cac3}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{f1a3292a-5ab0-4e06-80d3-5790e1d6ab8e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fa9d648b-6990-4b0c-9884-84d7bb8cffbc}: [DhcpNameServer] 10.66.216.1
Internet Explorer:
==================
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> DefaultScope {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} hxxp://192.168.1.202/VVTK_Plugin_Installer.exe
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
FireFox:
========
FF DefaultProfile: rzzk17eb.default
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default [2020-01-18]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\abb-acer@amazon.com [2016-12-16] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\langpack-cs@firefox.mozilla.org [2016-12-16] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\partnerdefaults@mozilla.com [2016-12-16] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-10-26] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-10-26] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-10-26] [Legacy]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-04-14] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]
Chrome:
=======
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-16]
CHR Extension: (MEGA) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-01-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-16]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2017-05-31]
CHR Extension: (Tabulky) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2019-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38248 2019-12-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [145768 2019-12-13] (IDSA Production signing key -> Intel)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1855976 2019-11-15] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2019-06-20] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3854336 2019-06-20] (Firebird Project) [File not signed]
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-12-16] (F-Secure Corporation -> F-Secure Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-06-11] (GoPro Media, Inc. -> )
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-11-15] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [File not signed]
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-11-15] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2017-06-23] (CyberLink Corp. -> CyberLink)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 VmbNotifierService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe [185344 2017-10-21] (Vodafone) [File not signed]
R2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony Mobile Communications AB -> Sony) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90536 2019-07-14] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\System32\drivers\dlusbaudio_x64.sys [238320 2017-05-29] (DISPLAYLINK -> DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-01] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-01] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-01] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [402264 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-27] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30832 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-11-15] (Martin Malik - REALiX -> REALiX(tm))
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iactrllogic; C:\WINDOWS\System32\drivers\iactrllogic64.sys [182184 2019-11-15] (Microsoft Corporation -> Intel(R) Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98760 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [155288 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [76912 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ov5670; C:\WINDOWS\System32\drivers\ov5670.sys [159104 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-11-15] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [450152 2019-11-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149832 2017-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-11-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41536 2019-11-15] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 06:28 - 2020-01-22 06:29 - 000038972 _____ C:\Users\Michal\Desktop\FRST.txt
2020-01-22 06:28 - 2020-01-22 06:29 - 000000000 ____D C:\FRST
2020-01-22 06:28 - 2020-01-22 06:28 - 002572800 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D&G Unlocker
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\data
2020-01-21 16:02 - 2020-01-21 16:02 - 000000000 ____D C:\Users\Public\Documents\iMyFone
2020-01-21 16:01 - 2020-01-21 16:01 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2020-01-21 15:47 - 2020-01-21 15:47 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-01-21 15:42 - 2020-01-21 15:42 - 000000000 ____D C:\Users\Michal\.android
2020-01-21 15:40 - 2020-01-21 16:27 - 000000000 ____D C:\adb
2020-01-21 13:35 - 2020-01-21 13:35 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000001015 _____ C:\Users\Public\Desktop\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAGRA 137
2020-01-21 13:34 - 2020-01-21 13:34 - 032868288 _____ C:\Users\Michal\Downloads\TAGRA_eu.zip
2020-01-20 11:39 - 2020-01-20 11:39 - 000006422 _____ C:\Users\Michal\Downloads\fa 2020003.pdf
2020-01-20 06:16 - 2020-01-20 06:16 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:16 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-20 06:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-20 06:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-18 09:38 - 2020-01-18 10:00 - 000024890 _____ C:\Users\Michal\Desktop\Loading schedule form_4.xlsx
2020-01-14 13:19 - 2020-01-14 13:19 - 000119203 _____ C:\Users\Michal\Downloads\FORESTRA - SK KI BRAND LKW.pdf
2020-01-07 15:46 - 2020-01-07 15:46 - 000043520 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČbezPD_2020+_k uveřejnění.xls
2020-01-07 15:46 - 2020-01-07 15:46 - 000034816 _____ C:\Users\Michal\Desktop\Přehled nabídek_PČ_2020+_k uveřejnění.xls
2020-01-07 15:45 - 2020-01-07 15:45 - 000039936 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČsPD_2020+_k uveřejnění.xls
2020-01-03 17:16 - 2020-01-03 17:16 - 001396788 _____ C:\Users\Michal\Downloads\office 2016+activator věžně funguje (byvořech).rar
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 06:27 - 2016-12-17 13:36 - 000000000 ____D C:\Users\Michal\Documents\Soubory aplikace Outlook
2020-01-22 06:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:12 - 2016-12-16 13:43 - 000000000 ____D C:\Users\Michal\Documents\Sharpdesk Desktop
2020-01-22 06:07 - 2019-07-02 15:22 - 000003534 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2020-01-22 06:05 - 2016-12-16 12:07 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2020-01-21 16:02 - 2019-08-27 08:09 - 000000000 ____D C:\Program Files\DIFX
2020-01-21 16:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-21 15:42 - 2019-07-02 15:17 - 000000000 ____D C:\Users\Michal
2020-01-21 15:32 - 2017-07-27 19:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-21 14:48 - 2019-07-02 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 14:08 - 2019-08-11 07:21 - 000011488 _____ C:\Users\Michal\Desktop\Sešit1.xlsx
2020-01-21 13:53 - 2017-12-19 06:09 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2020-01-21 13:35 - 2016-12-17 14:18 - 000000000 ____D C:\Program Files (x86)\TAGRA.eu
2020-01-21 13:33 - 2019-08-27 08:17 - 000000000 ____D C:\ProgramData\firebird
2020-01-21 13:33 - 2018-07-07 13:08 - 000000000 ____D C:\Users\Michal\Documents\Nová složka
2020-01-21 13:33 - 2016-08-02 03:25 - 000000000 ___HD C:\OEM
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-20 10:16 - 2019-07-02 15:24 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 10:16 - 2019-03-19 12:57 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 10:16 - 2019-03-19 12:57 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 10:11 - 2019-07-02 15:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 10:11 - 2019-07-02 15:14 - 000514360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 06:52 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 06:52 - 2018-05-13 11:43 - 000041448 _____ C:\WINDOWS\system32\OV5670_REAR.aiqd
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-20 06:21 - 2016-12-16 13:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-20 06:18 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-20 06:18 - 2016-12-16 13:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-19 08:51 - 2016-12-17 12:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-19 08:30 - 2019-07-02 15:22 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2709589950-1360842280-2128968388-1001
2020-01-19 08:30 - 2019-07-02 15:17 - 000002372 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 08:30 - 2016-12-16 12:09 - 000000000 ___RD C:\Users\Michal\OneDrive
2020-01-17 14:51 - 2016-12-17 11:04 - 000053607 _____ C:\Users\Michal\Desktop\stepka.xlsx
2020-01-17 12:06 - 2016-12-23 14:17 - 000000000 ____D C:\WINDOWS\files
2020-01-14 12:22 - 2019-09-19 13:02 - 000013895 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie.xlsx
2020-01-14 12:21 - 2019-12-03 11:34 - 000012223 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie_ACTIV.xlsx
2020-01-14 06:16 - 2019-12-11 14:28 - 000000000 ____D C:\Users\Michal\Desktop\dynasty
2020-01-12 17:21 - 2017-10-19 12:00 - 000000000 ___RD C:\Users\Michal\Downloads\ISO2GOD
2020-01-12 17:10 - 2019-10-20 14:14 - 000000000 ____D C:\Program Files (x86)\FastShare
2020-01-10 13:37 - 2018-10-06 10:38 - 000000000 ____D C:\Users\Michal\Desktop\cina
2020-01-08 15:16 - 2018-12-12 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-01-08 06:19 - 2016-12-16 12:14 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:18 - 2017-01-19 14:32 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2020-01-05 11:52 - 2019-11-21 08:33 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-30 09:09 - 2016-12-17 10:54 - 000000000 ____D C:\Pracovni
2019-12-27 17:13 - 2017-09-27 05:45 - 000000000 ____D C:\Users\Michal\AppData\Roaming\IObit
==================== Files in the root of some directories ========
2017-07-12 07:13 - 2006-05-19 12:48 - 000034816 _____ () C:\Program Files\winbox.exe
2018-05-13 07:43 - 2018-05-13 07:43 - 000000210 _____ () C:\Users\Michal\AppData\Roaming\MICHAL.MTBF.txt
2018-05-13 07:45 - 2018-09-18 11:18 - 000004608 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-25 12:03 - 2017-07-25 12:03 - 000000084 _____ () C:\Users\Michal\AppData\Local\FSDownloader.err
2017-07-25 11:40 - 2017-07-25 17:32 - 000001080 _____ () C:\Users\Michal\AppData\Local\FSDownloader.nast
2017-09-16 09:14 - 2017-09-16 09:14 - 000007604 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Dekuji pomochlo. Posilam penize .Diky
Mohl bych poprosit o kontrolu logu meho pc. Obcas mi zamrzne obrazovka a po cca 5 sekundach se zase rozjede

Dekuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Michal (22-01-2020 06:30:07)
Running from C:\Users\Michal\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-02 14:23:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2709589950-1360842280-2128968388-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2709589950-1360842280-2128968388-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2709589950-1360842280-2128968388-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2709589950-1360842280-2128968388-501 - Limited - Disabled)
Michal (S-1-5-21-2709589950-1360842280-2128968388-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-2709589950-1360842280-2128968388-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
Backup and Sync from Google (HKLM\...\{7B473CF8-CE4F-4AE1-A86D-CFBDDCC85FAF}) (Version: 3.47.8667.1399 - Google, Inc.)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version: - Boris FX, Inc.)
Camera Stream Controller (HKLM-x32\...\Camera Stream Controller) (Version: 1.0.0.114 - VIVOTEK INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CyberLink ActionDirector 3 (HKLM-x32\...\{49483CD6-CB26-49EB-8C43-B0EA00927B5F}) (Version: 3.0.2219.0 - CyberLink Corp.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.2101.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
D-G Unlocker Tools v.1.0 (HKLM-x32\...\{1B0C7840-DEE7-4AE0-965D-6B3892286A68}) (Version: 1.00.0000 - D&G Unlocker)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 19.300 (20190319_12) - Solitea Česká republika, a.s.)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Firebird 2.5.9.27139 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.9.27139 - Firebird Project)
Freedome VPN (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2915.0 - F-Secure Corporation)
Freedome VPN (source) (HKLM-x32\...\{83A4BF20-6745-437C-98D8-3C4B94D174EB}) (Version: 1.16.0612 - Acer)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.32.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoPro Quik (HKLM\...\{8B7D1DD1-5CA4-4B6E-9A86-3EA9E3601DF3}) (Version: 0.1.841 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{f1aab631-23ee-456b-a5ef-6e4d9d638068}) (Version: 2.6.2.841 - GoPro, Inc.)
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) 2D Imaging Setup Wizard (HKLM\...\{ac212bd0-e091-426e-9db4-ee9c07bb0e93}) (Version: 30.10586.7035.1976 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Intel® Integrated Sensor Solution (HKLM-x32\...\{bb5db3f1-f986-40a9-8a7e-c361a35d9b90}) (Version: 3.0.30.1044 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{573398AD-0A98-44AA-9CA7-E8257F495514}) (Version: 3.0.30.1044 - Intel Corporation) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
O&O Defrag Professional (HKLM\...\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}) (Version: 19.0.87 - O&O Software GmbH)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Ontrack® EasyRecovery™ Professional for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ Professional for Windows_is1) (Version: 12.0.0.2 - Kroll Ontrack)
Open Transport Tycoon Deluxe 0.7.5 (HKLM-x32\...\Open Transport Tycoon Deluxe 0.7.5) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
PDFsam Basic (HKLM\...\{C3C9A143-931C-42FD-AAC7-26E7B5502BF8}) (Version: 4.0.4.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10245 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.212 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SHARP MFP TWAIN K Scanner Driver (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 4.01.05 - SHARP)
SHARP MX/MX-M Series PC-Fax Driver (HKLM-x32\...\SHARP MX-2310U PC-Fax Driver) (Version: 1.00.000 - SHARP)
SHARP MX/MX-M/DX Series Printer Driver (HKLM-x32\...\SHARP MX-2310U Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Služba Xperia Companion (HKLM\...\{7D8E3C78-DA8C-4BBC-86BC-6A42068EE7C2}) (Version: 1.3.2.0 - Sony) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
Synology Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: 1.4.0.080 - Synology)
TAGRA 137 (HKLM-x32\...\{AD8747CD-02E9-4900-986E-B5C05A23ABCD}) (Version: 137 - Truck Data Technology s.r.o.) Hidden
TAGRA 137 (HKLM-x32\...\TAGRA 137 137) (Version: 137 - Truck Data Technology s.r.o.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Total PDF Printer (HKLM-x32\...\Total PDF Printer_is1) (Version: - Softplicity, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{1533A6AC-7984-4EA6-9A68-23C2537D3250}) (Version: 1.2.7.56241 - Vodafone)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{34D872B2-47FB-40A4-8C3F-915EA14F2586}) (Version: 1.3.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{f494d3ac-4796-4bbd-b7a0-1873600d110d}) (Version: 1.3.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{34EC519D-F525-2154-E03D-BF10F78ECA8E}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxDTCM.dll [2019-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2709589950-1360842280-2128968388-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-09-06] (proDAD GmbH -> proDAD GmbH)
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-01-30 16:00 - 2019-01-30 16:00 - 001106432 _____ ( Prvni certifikacni autorita, a.s.) [File not signed] C:\WINDOWS\system32\SecureStoreCore.dll
2017-01-02 17:04 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2016-07-07 09:57 - 2016-07-07 09:57 - 000035328 _____ () [File not signed] C:\Program Files (x86)\Synology\Photo Station Uploader\ShellExtHandler.dll
2017-09-22 12:07 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2017-09-22 12:07 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2017-09-22 12:07 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2017-09-22 12:07 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000114176 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ctypes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000173056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_elementtree.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001808896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_hashlib.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000032256 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_multiprocessing.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000046080 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_psutil_windows.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000047616 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_socket.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 002241024 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ssl.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026112 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_yappi.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000080896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\bz2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000016384 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\common.time34.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000007680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\hashobjs_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000301568 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\PIL._imaging.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000169472 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pyexpat.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001084416 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pysqlite2._sqlite.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000548864 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pythoncom27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137728 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pywintypes27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000010752 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\select.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\thumbnails_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000689664 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\unicodedata.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000119808 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\usb_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000128512 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32api.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000438784 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32com.shell.shell.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000011776 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32crypt.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000023040 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32event.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000149504 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32file.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000223232 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32gui.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000048128 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32inet.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000029696 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pdh.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000027648 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pipe.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000044032 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32process.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32profile.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000136192 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32security.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026624 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32ts.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000034816 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.conditional.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000038400 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.connectivity.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000071680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.device_monitor.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000109056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.volumes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.winwrap.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001325056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._controls_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001489408 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._core_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001007104 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._gdi_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000103424 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._html2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000916992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._misc_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001039872 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._windows_.pyd
2019-01-30 16:02 - 2019-01-30 16:02 - 000482304 _____ () [File not signed] C:\WINDOWS\system32\SecureStoreCspRes.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000552960 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbclient.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\ib_util.dll
2019-08-27 08:16 - 2019-06-20 10:08 - 000925696 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\intl\fbintl.DLL
2019-08-27 08:16 - 2019-06-20 10:05 - 000438272 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\plugins\fbtrace.dll
2019-01-30 11:14 - 2019-01-30 11:14 - 000944128 _____ (Free Software Foundation) [File not signed] C:\WINDOWS\system32\libiconv.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icudt30.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icuuc30.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\python27.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2016-12-16 13:44 - 2011-02-07 12:41 - 000029184 _____ (SHARP CORPORATION) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\crprproc.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2014-08-29 08:54 - 2014-08-29 08:54 - 001659904 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\WINDOWS\system32\LIBEAY32_101.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_net_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_adv_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_core_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_html_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\OEM:{6D006200-5200-6F00-5700-6F0061003900} [664]
AlternateDataStreams: C:\ProgramData\TEMP:24C8262A [121]
AlternateDataStreams: C:\Users\Michal\Documents\Nová složka:{6D006200-5200-6F00-5700-6F0061003900} [664]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2018-05-15 05:33 - 000000887 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\Pictures\bear.jpg
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "WinSat"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E3AF2B2B-8145-453B-8C43-EFB79393F1A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55861F68-BDF0-4EEB-8F84-C54689933DA1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7181DE29-3845-4522-8A7C-2CF5F2AF58AD}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{A1B87635-EC33-45AB-A3B8-01A3B4716F79}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{ADF76EA7-DAD0-4A4D-AE45-44BBED4C32FB}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{D5BB6F63-AC13-49EE-8259-C2487031E6F7}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [{14789CD3-EFDC-459F-827D-F35A8BE3A3CF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{24D6F23D-D4A2-4B7F-BB02-6609EBC49558}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{0074F479-821A-469E-810C-C2854D187BF3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{7BF08C4C-6621-4639-B3BF-2CE7B100D35C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [UDP Query User{6D56B91E-0F80-4D4A-A89B-E2D78F96450E}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{2ACAAC43-2FC2-43F6-A562-E3EF041BFA25}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{02943FDD-0932-4DE0-80ED-777151950726}] => (Block) %ProgramFiles% (x86)\Ontrack\EasyRecovery\OntrackEasyRecoveryforWindows.exe No File
FirewallRules: [{4E818203-4858-4413-94D2-B86AE43784A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{2EECF095-B604-47AB-A281-B9AC7DBB26E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{78F61F06-49B4-4CEE-974E-968ED7E5B53A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [{14C8FA55-CCAF-4319-8F53-DF883B7A7C98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [UDP Query User{441E5441-DF25-4D1E-80B5-EBCC8B240881}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E0BA4DC5-64C3-4FD0-9BAA-6DC343789112}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{670FEB18-F9BC-40BB-9EF9-55317F31E651}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A5373FCE-75A6-4D4B-A7CC-F2D89351B796}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [{82F46973-46FD-4A60-A0F2-53885339D3FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{225914F4-93E7-4B3F-A965-AE6605A0B219}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9E6AEFE-B24B-48ED-A0D4-60C67F7A2C1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B6E2EA6-4082-448B-ABAF-23FAA6AF784D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{47D11E2C-1444-438E-8D7B-E5FDD1B31B98}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [TCP Query User{85183841-7B89-4ECD-9E29-C7F1A24F398E}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [{983017BE-4068-4E6D-BF85-5BF934651B92}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96B95ECC-3E1F-4507-8ADA-340459D63CFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{713D7167-4CD3-4053-B7D8-7EB96AB18B3E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{7071ED03-9CA0-442F-8182-3E8F20D924C1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{AC91C1E6-0FF9-4994-95FD-6BC983E6C2A2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8F0059E3-1F25-47E8-B5D7-3958643B4EF0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{5D8654AC-AA0D-4C65-99FA-D6949912D6B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{24D148C9-2BAF-4726-A62D-1331570879BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [TCP Query User{AFDDAFC6-2DFA-414E-B1AD-CBA55D33CB6C}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{8E618919-F764-4C7F-A098-A212E7EE41CA}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{9049F9E8-C289-4A66-98A0-1FAA0156BDF4}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B31D62C6-249A-4662-999F-ACAFD6FC6496}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{6867770C-6CDE-4E49-A59C-EC53C0A39D99}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [UDP Query User{6FBECDF5-F86F-4A52-AABF-F3A62E58918D}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{67ECED66-0FE0-4C2E-BEEB-B85037C54D8A}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [TCP Query User{65776CE7-162A-476F-9010-C6FC96769FD3}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{0C02A2E6-3392-41EE-8908-01F62923A88E}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{C7567B0F-1496-4584-BE84-3C5DAC8C5F22}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{11B79E69-C71A-4E58-9DEF-B7BF7FA7FE89}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{F376D13E-5B03-44A4-A711-4068A5B0768F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{818D271F-5A9F-4E91-A7F6-B557D12BD6B1}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B8553B82-F9E1-45EB-965B-BDF49830E2DD}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{3D897D9D-05F6-40B0-91ED-51A13648C129}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [UDP Query User{3B8A569F-2E7E-45F8-A2AB-F8152276074E}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A2566036-A34E-46F5-A04A-553032264A95}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{EC8A2355-408C-4B33-A3C7-04E58582D2C7}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{E9111D54-C349-46B5-833D-5B5F13D9C6DF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{091CD5ED-6754-4A2F-AABA-F8B61138AB1E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFAB0A0C-0EAA-4F44-90F7-2C26BDDE3F2F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{54C133D9-F324-4CA8-ADD7-99A868B16196}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{4599629E-B390-4A25-BC3D-5A7531F388DF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{D2974607-BB01-4F5E-A036-997C38BF4520}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{542101AA-3B96-42C5-8902-76D8694FD319}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9372A9C9-DBC4-46F7-A95B-B190694D3EE6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FE09E51-2C92-4AB7-85B2-240F97F5AE12}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0C465DE5-4D60-47A3-9F2F-24FF6F7BF640}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67A8759C-0841-4764-A92A-A2187D7EF857}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F818AB4D-F2FA-4E3D-8FC1-FF14F364DF52}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFDDC46E-B4E0-4B85-8973-567EB732DC21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D31E743-D1B6-49E6-9683-81A7668A5C07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D3B3A5C3-A18D-43FE-A006-41FABCD380E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CFD29B5-392A-4361-825D-EED97B19DE33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{729DADFF-C490-43E6-8852-BCEF2E94B7FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F2E70540-0066-4AE6-9EB5-9EDF654E228C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7181734-735E-48BD-9F1C-CF0B46932626}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{90B0A9D2-EF97-45A8-8FFD-F26BC480351F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5452DCF8-33E0-4DC3-BB61-62F44E3697BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
01-01-2020 11:45:34 Naplánovaný kontrolní bod
09-01-2020 08:13:32 Naplánovaný kontrolní bod
17-01-2020 07:05:56 Naplánovaný kontrolní bod
21-01-2020 13:34:40 Installed TAGRA 137
==================== Faulty Device Manager Devices ============
Name: Citron Hands-Free HF
Description: Role Handsfree pro hands-free profil Microsoft Bluetooth
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/22/2020 06:13:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (64760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/22/2020 06:09:05 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHAL)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.
Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]
Error: (01/21/2020 03:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5
Error: (01/21/2020 03:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5
Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.
Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]
System errors:
=============
Error: (01/22/2020 06:05:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_36ff388 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/21/2020 04:32:11 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL)
Description: Server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/21/2020 01:00:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_23f1904 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/20/2020 10:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/20/2020 10:11:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_8fc05 byla ukončena s následující chybou:
Zařízení není připraveno.
Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).
Error: (01/20/2020 06:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2020-01-22 06:05:31.564
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.560
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-22 06:05:31.541
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.309
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.306
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2020-01-21 06:04:50.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.02 06/17/2016
Motherboard: Acer Hawaii
Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 8072.91 MB
Available physical RAM: 4214.63 MB
Total Virtual: 9352.91 MB
Available Virtual: 5182.66 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:192.57 GB) NTFS
\\?\Volume{727208f8-994f-4a0b-a32f-3f87b4511309}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{0a955655-14a2-47b1-8d6c-1f62e8762783}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 947150D8)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Michal (administrator) on MICHAL (Acer Switch SA5-271P) (22-01-2020 06:28:50)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: defaultuser0 & Michal)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files\Cyberlink\PowerDirector16\PDRStyleAgent.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Pub\PubMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sharp Corporation) C:\Windows\System32\spool\drivers\x64\3\SS0ILMSW.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) [File not signed] C:\Windows\System32\spool\drivers\x64\3\SN0XRCV.exe
(Sony Mobile Communications AB -> Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [224000 2017-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SN0XRCV] => C:\Windows\system32\spool\drivers\x64\3\SN0XRCV.exe [102400 2016-12-16] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-11] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-12-13] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {7ba8ff7d-decb-11e9-89b5-94e979547538} - "D:\Bolt.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {92b85ded-022b-11ea-89b8-94e979547538} - "D:\SetupVMB.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231b02-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231bc9-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {d46ee352-3b64-11ea-89c5-94e979547538} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013B405E-A6D4-4F15-A63A-1A4A7410CBA0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {03311A20-87F3-427C-AC17-00785EED2C45} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {07E13DE4-DAF8-440C-9FBB-912915937A4A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {0C7C2645-C9A8-467B-A4DB-E122280E4DB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {12C486F2-4E8E-4665-BEF6-5FC6A7EB4F61} - System32\Tasks\CareCenter\SN02IPRW_Reg_HKLMRun => C:\Windows\SysWOW64\SN02SELC.exe [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
Task: {19E8734B-123C-49D3-8909-8018B9326DB5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {1B4728FD-3F79-4753-95C7-ECDD54CCCD23} - System32\Tasks\OInstall => C:\WINDOWS\OInstall.exe [8757880 2016-04-29] (WZT -> ) [File not signed]
Task: {20B4ADE5-7B6F-4221-8C17-19854113DFE0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {22F240EC-A38C-45C9-9429-BB3243C96737} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {36928D40-161E-4692-AD2F-65CED272EE97} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {3741F58F-2FB0-41E7-81DC-B8EAD6F0EAD1} - System32\Tasks\CareCenter\IndexTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {3B770E54-8450-474F-B16D-F4F26B1E6068} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CEEDF75-434C-423D-80B7-E4D2039F7118} - System32\Tasks\CareCenter\RtHDVBg_TrueHarmony_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {50DE449B-12E4-49D3-B58D-9D903CE5AEAD} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {621CA8BE-5494-41E1-ACF5-907FFD12BFD2} - System32\Tasks\CareCenter\Windows Mobile Device Center_Reg_HKLMRun => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {62307D36-81D1-4E28-92BD-A9EEEA151AAF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> )
Task: {6C0B57CE-96C6-4ADF-8C60-451F6A416F3B} - System32\Tasks\CareCenter\ICAMaintenance_ICAPKIService_RegKeysRefresh_Reg_HKLMWow6432Run => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
Task: {6CCFEB7E-1B0E-4051-A14C-B3BF21E352B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {6FEF2431-F2C4-4EE8-9A98-0ED5BEBF2A42} - System32\Tasks\CareCenter\GoogleDriveSync_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\Google\Drive\googledrivesync.exe [47773264 2019-12-22] (Google LLC -> )
Task: {7837058E-43A5-4E85-8163-1F9A2F6F3A23} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-06-25] (Acer Incorporated -> )
Task: {78DB8AEF-B8F4-45C7-B9C1-E151B4DE60CC} - System32\Tasks\CareCenter\FtpServer.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
Task: {7F3B1CFB-56F4-465F-B286-0099E8660008} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {8033804A-256B-4C30-9C1C-EE0CB3F5E758} - System32\Tasks\CareCenter\O&O Defrag Tray.lnk_FolderCommonAppdata => C:\WINDOWS\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico [292878 2017-10-23] () [File not signed]
Task: {94AE4D09-116E-4A24-90F1-EC4828FCEE6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74B0201-423A-484D-B669-09EFB3BF5AAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C588CC-7AB6-4E05-A3CF-46896DB80D23} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC874F26-D23B-43B8-ABB2-46E3DB412019} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {B32F573F-41AF-4778-8606-F451709C5985} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B35E5F53-EBF5-4DAB-8E59-043375F27CD7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {BE1567DA-5957-4BC2-B956-C0E0860D7C4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {C44FB0A0-A680-45AC-BE34-E6FBACB2158D} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CA687DFD-2395-4A0F-80FF-5A11376D3B41} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {CCEF86E7-2497-4865-932C-F2283830F7A4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D96ACEE2-5A0C-41E2-BCCE-1857C83EC779} - System32\Tasks\CareCenter\CCleaner Monitoring_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {D970A157-D24B-4349-8993-E574FC6C89F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE9DC1CD-42F8-4031-A4F1-F237431EA743} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E60CC02C-07B3-4242-877C-9235E04355E8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E926C6E1-948A-48EE-B450-F89760F06F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F5ED5AAF-68EA-4D2E-ADCC-CDC157461152} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-06-25] (Acer Incorporated -> )
Task: {F8AB4192-E0E3-4690-B40F-E31AEBEB8C69} - System32\Tasks\CareCenter\SharpTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {FD0A9F01-531F-4FE9-94C6-9551F07012E8} - System32\Tasks\Driver Booster SkipUAC (Michal) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-11-14] (IObit Information Technology -> IObit)
Task: {FEC749CF-0AA9-4EA8-A02A-473ED3C7208B} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [99608 2018-04-18] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{259d4b7e-9fbb-4d1a-ae02-90094bca3429}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{3070c0c4-916b-4215-86ab-a0994c786b6b}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{bdc447da-4394-4fc9-ac32-db2dbc6e2d54}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{c1d62724-acfb-4864-8f71-d7f2e1e8cac3}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{f1a3292a-5ab0-4e06-80d3-5790e1d6ab8e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fa9d648b-6990-4b0c-9884-84d7bb8cffbc}: [DhcpNameServer] 10.66.216.1
Internet Explorer:
==================
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> DefaultScope {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} hxxp://192.168.1.202/VVTK_Plugin_Installer.exe
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]
FireFox:
========
FF DefaultProfile: rzzk17eb.default
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default [2020-01-18]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\abb-acer@amazon.com [2016-12-16] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\langpack-cs@firefox.mozilla.org [2016-12-16] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\partnerdefaults@mozilla.com [2016-12-16] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-10-26] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-10-26] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-10-26] [Legacy]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-04-14] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]
Chrome:
=======
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-16]
CHR Extension: (MEGA) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-01-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-16]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2017-05-31]
CHR Extension: (Tabulky) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2019-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38248 2019-12-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [145768 2019-12-13] (IDSA Production signing key -> Intel)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1855976 2019-11-15] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2019-06-20] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3854336 2019-06-20] (Firebird Project) [File not signed]
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-12-16] (F-Secure Corporation -> F-Secure Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-06-11] (GoPro Media, Inc. -> )
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-11-15] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [File not signed]
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-11-15] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2017-06-23] (CyberLink Corp. -> CyberLink)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 VmbNotifierService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe [185344 2017-10-21] (Vodafone) [File not signed]
R2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony Mobile Communications AB -> Sony) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90536 2019-07-14] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\System32\drivers\dlusbaudio_x64.sys [238320 2017-05-29] (DISPLAYLINK -> DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-01] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-01] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-01] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [402264 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-27] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30832 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-11-15] (Martin Malik - REALiX -> REALiX(tm))
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iactrllogic; C:\WINDOWS\System32\drivers\iactrllogic64.sys [182184 2019-11-15] (Microsoft Corporation -> Intel(R) Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98760 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [155288 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [76912 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ov5670; C:\WINDOWS\System32\drivers\ov5670.sys [159104 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-11-15] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [450152 2019-11-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149832 2017-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-11-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41536 2019-11-15] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 06:28 - 2020-01-22 06:29 - 000038972 _____ C:\Users\Michal\Desktop\FRST.txt
2020-01-22 06:28 - 2020-01-22 06:29 - 000000000 ____D C:\FRST
2020-01-22 06:28 - 2020-01-22 06:28 - 002572800 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D&G Unlocker
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\data
2020-01-21 16:02 - 2020-01-21 16:02 - 000000000 ____D C:\Users\Public\Documents\iMyFone
2020-01-21 16:01 - 2020-01-21 16:01 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2020-01-21 15:47 - 2020-01-21 15:47 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-01-21 15:42 - 2020-01-21 15:42 - 000000000 ____D C:\Users\Michal\.android
2020-01-21 15:40 - 2020-01-21 16:27 - 000000000 ____D C:\adb
2020-01-21 13:35 - 2020-01-21 13:35 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000001015 _____ C:\Users\Public\Desktop\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAGRA 137
2020-01-21 13:34 - 2020-01-21 13:34 - 032868288 _____ C:\Users\Michal\Downloads\TAGRA_eu.zip
2020-01-20 11:39 - 2020-01-20 11:39 - 000006422 _____ C:\Users\Michal\Downloads\fa 2020003.pdf
2020-01-20 06:16 - 2020-01-20 06:16 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:16 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-20 06:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-20 06:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-18 09:38 - 2020-01-18 10:00 - 000024890 _____ C:\Users\Michal\Desktop\Loading schedule form_4.xlsx
2020-01-14 13:19 - 2020-01-14 13:19 - 000119203 _____ C:\Users\Michal\Downloads\FORESTRA - SK KI BRAND LKW.pdf
2020-01-07 15:46 - 2020-01-07 15:46 - 000043520 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČbezPD_2020+_k uveřejnění.xls
2020-01-07 15:46 - 2020-01-07 15:46 - 000034816 _____ C:\Users\Michal\Desktop\Přehled nabídek_PČ_2020+_k uveřejnění.xls
2020-01-07 15:45 - 2020-01-07 15:45 - 000039936 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČsPD_2020+_k uveřejnění.xls
2020-01-03 17:16 - 2020-01-03 17:16 - 001396788 _____ C:\Users\Michal\Downloads\office 2016+activator věžně funguje (byvořech).rar
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-22 06:27 - 2016-12-17 13:36 - 000000000 ____D C:\Users\Michal\Documents\Soubory aplikace Outlook
2020-01-22 06:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:12 - 2016-12-16 13:43 - 000000000 ____D C:\Users\Michal\Documents\Sharpdesk Desktop
2020-01-22 06:07 - 2019-07-02 15:22 - 000003534 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2020-01-22 06:05 - 2016-12-16 12:07 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2020-01-21 16:02 - 2019-08-27 08:09 - 000000000 ____D C:\Program Files\DIFX
2020-01-21 16:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-21 15:42 - 2019-07-02 15:17 - 000000000 ____D C:\Users\Michal
2020-01-21 15:32 - 2017-07-27 19:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-21 14:48 - 2019-07-02 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 14:08 - 2019-08-11 07:21 - 000011488 _____ C:\Users\Michal\Desktop\Sešit1.xlsx
2020-01-21 13:53 - 2017-12-19 06:09 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2020-01-21 13:35 - 2016-12-17 14:18 - 000000000 ____D C:\Program Files (x86)\TAGRA.eu
2020-01-21 13:33 - 2019-08-27 08:17 - 000000000 ____D C:\ProgramData\firebird
2020-01-21 13:33 - 2018-07-07 13:08 - 000000000 ____D C:\Users\Michal\Documents\Nová složka
2020-01-21 13:33 - 2016-08-02 03:25 - 000000000 ___HD C:\OEM
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-20 10:16 - 2019-07-02 15:24 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 10:16 - 2019-03-19 12:57 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 10:16 - 2019-03-19 12:57 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 10:11 - 2019-07-02 15:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 10:11 - 2019-07-02 15:14 - 000514360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 06:52 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 06:52 - 2018-05-13 11:43 - 000041448 _____ C:\WINDOWS\system32\OV5670_REAR.aiqd
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-20 06:21 - 2016-12-16 13:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-20 06:18 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-20 06:18 - 2016-12-16 13:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-19 08:51 - 2016-12-17 12:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-19 08:30 - 2019-07-02 15:22 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2709589950-1360842280-2128968388-1001
2020-01-19 08:30 - 2019-07-02 15:17 - 000002372 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 08:30 - 2016-12-16 12:09 - 000000000 ___RD C:\Users\Michal\OneDrive
2020-01-17 14:51 - 2016-12-17 11:04 - 000053607 _____ C:\Users\Michal\Desktop\stepka.xlsx
2020-01-17 12:06 - 2016-12-23 14:17 - 000000000 ____D C:\WINDOWS\files
2020-01-14 12:22 - 2019-09-19 13:02 - 000013895 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie.xlsx
2020-01-14 12:21 - 2019-12-03 11:34 - 000012223 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie_ACTIV.xlsx
2020-01-14 06:16 - 2019-12-11 14:28 - 000000000 ____D C:\Users\Michal\Desktop\dynasty
2020-01-12 17:21 - 2017-10-19 12:00 - 000000000 ___RD C:\Users\Michal\Downloads\ISO2GOD
2020-01-12 17:10 - 2019-10-20 14:14 - 000000000 ____D C:\Program Files (x86)\FastShare
2020-01-10 13:37 - 2018-10-06 10:38 - 000000000 ____D C:\Users\Michal\Desktop\cina
2020-01-08 15:16 - 2018-12-12 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-01-08 06:19 - 2016-12-16 12:14 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:18 - 2017-01-19 14:32 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2020-01-05 11:52 - 2019-11-21 08:33 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-30 09:09 - 2016-12-17 10:54 - 000000000 ____D C:\Pracovni
2019-12-27 17:13 - 2017-09-27 05:45 - 000000000 ____D C:\Users\Michal\AppData\Roaming\IObit
==================== Files in the root of some directories ========
2017-07-12 07:13 - 2006-05-19 12:48 - 000034816 _____ () C:\Program Files\winbox.exe
2018-05-13 07:43 - 2018-05-13 07:43 - 000000210 _____ () C:\Users\Michal\AppData\Roaming\MICHAL.MTBF.txt
2018-05-13 07:45 - 2018-09-18 11:18 - 000004608 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-25 12:03 - 2017-07-25 12:03 - 000000084 _____ () C:\Users\Michal\AppData\Local\FSDownloader.err
2017-07-25 11:40 - 2017-07-25 17:32 - 000001080 _____ () C:\Users\Michal\AppData\Local\FSDownloader.nast
2017-09-16 09:14 - 2017-09-16 09:14 - 000007604 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Nemáte zač a za příspěvek děkujeme. Potřeboval bych ale vidět obsah souboru fixlog.txt. Měl by být na ploše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Tentokrát to byl jiný ovladač. Chybu zkuste opravit podle tohoto návodu: https://www.wikifixes.com/cs/errors/dll ... gIulPD_BwE .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
Diky prispevek 300 kc odeslan. Fixlog.txt na plose nemam jen frst a addition.txt 

- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
My děkujeme za příspěvek a vy nemáte zač.
Fixlog se vytvoří, jen se někdy sám neotevře. Je tam, kde jsou ostatní produkty FRST. Pokud ne, máte buď přeplněnou plochu, nebo jste ho smazal.

Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vyskakujicici okna z chrome prohlizece
Zdravim
Nechapu. Dam jsem FRST na disk C: a fixlog nevyskocil. nevite cim to muze byt.
Nechapu. Dam jsem FRST na disk C: a fixlog nevyskocil. nevite cim to muze byt.
- Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vyskakujicici okna z chrome prohlizece
Někdy se to stane. Soubor fixlog.txt po provedení fixování se ukládá do stejného adresáře, kde máte uložen FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:

e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.