vyskakujicici okna z chrome prohlizece

[jack68]

Dobry den,
k brouzdani pouzivam CHRome a obcas se mi stane ze vyskoci reklama na nejaky clanek v externim okne,. Je mozne to nejak zrusit??Diky

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Dell_tatka (06-01-2020 10:12:31)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell Update (HKLM-x32\...\{5EBBC1DA-975F-44A0-B438-F325BCD45577}) (Version: 3.1.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{09EBA353-2051-4324-9D8E-24BB961FBCFC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.9 GB) (6%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/06/2020 09:24:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/06/2020 07:49:41 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 24920; požadovaná velikost: 33592.

Error: (01/06/2020 07:06:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13260,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/06/2020 06:02:37 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12132,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/05/2020 02:33:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/05/2020 02:29:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RuntimeBroker.exe, verze: 10.0.18362.1, časové razítko: 0x4539d5a0
Název chybujícího modulu: RasMediaManager.dll, verze: 10.0.18362.1, časové razítko: 0xbdd09b8e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000051d1
ID chybujícího procesu: 0x258
Čas spuštění chybující aplikace: 0x01d5c3cbf6a14706
Cesta k chybující aplikaci: C:\Windows\System32\RuntimeBroker.exe
Cesta k chybujícímu modulu: C:\Windows\System32\RasMediaManager.dll
ID zprávy: 6b7b6612-0345-4c11-b307-e662fe8dd7c7
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: runtimebroker07f4358a809ac99a64a67c1

Error: (01/05/2020 02:27:56 PM) (Source: NSSDK.CprMfpif.1) (EventID: 8226) (User: )
Description: Event-ID 8226

Error: (01/05/2020 02:27:52 PM) (Source: NSSDK.MfpifValidator.1) (EventID: 8226) (User: )
Description: IP 192.168.1.199 cannot be reached on the network. (0x8215110b)


System errors:
=============
Error: (01/06/2020 05:54:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_433971a byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/05/2020 02:27:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_413d7b6 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/05/2020 08:39:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_3fa6215 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/04/2020 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: DELL)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0

Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0

CodeIntegrity:
===================================

Date: 2020-01-06 07:03:11.904
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-06 07:03:11.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-06 05:54:51.179
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-05 08:40:18.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-04 08:56:18.132
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-04 08:56:18.123
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-04 08:55:49.949
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-03 08:15:45.996
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16254.29 MB
Available physical RAM: 11003.26 MB
Total Virtual: 18686.29 MB
Available Virtual: 12822.15 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.9 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS

\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)

Partition: GPT.

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (06-01-2020 10:11:32)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc -> Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19081.22010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-30] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {3983B469-D165-4245-B5BC-CE57C1E6CF62} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1218808 2015-05-20] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]

Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-06]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R4 DBUtil_2_3; C:\WINDOWS\TEMP\DBUtil_2_3.Sys [14840 2019-12-27] (Dell Inc. -> )
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-06 10:11 - 2020-01-06 10:12 - 000032531 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-06 10:10 - 2020-01-06 10:11 - 000000000 ____D C:\FRST
2020-01-06 10:09 - 2020-01-06 10:09 - 002272256 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019
2019-12-12 05:55 - 2019-12-12 05:55 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 05:55 - 2019-12-12 05:55 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 05:55 - 2019-12-12 05:55 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 05:55 - 2019-12-12 05:55 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 05:55 - 2019-12-12 05:55 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-11 11:22 - 2019-12-11 11:22 - 000000191 _____ C:\Users\Dell_tatka\Downloads\Katerina-Kupcikova.vcf
2019-12-10 07:51 - 2019-12-10 07:51 - 000000142 _____ C:\Users\Dell_tatka\Downloads\stream (46).m3u
2019-12-10 07:42 - 2019-12-10 07:42 - 000000144 _____ C:\Users\Dell_tatka\Downloads\stream (45).m3u

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-06 10:10 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-06 10:00 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-06 09:35 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 08:35 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-06 07:30 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-06 06:57 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-06 05:54 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-05 14:43 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-05 08:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-04 08:56 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-02 10:38 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-30 10:19 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2019-12-27 09:30 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-27 09:30 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-27 09:30 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-27 09:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-27 09:23 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-27 09:23 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-19 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-14 07:42 - 2019-07-26 06:12 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 07:42 - 2019-07-26 06:12 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-13 06:18 - 2018-01-19 15:32 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-13 05:16 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 05:16 - 2017-10-12 04:36 - 000000000 ___RD C:\Users\Dell_tatka\3D Objects
2019-12-13 05:16 - 2016-01-07 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 14:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 06:01 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 05:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 05:58 - 2016-03-04 17:09 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-10 08:09 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[jack68]

Dobrý den
dekuji za pomoc. tady je log
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-07-2020
# Duration: 00:00:15
# OS: Windows 10 Home
# Scanned: 34757
# Detected: 23


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCustomerConnect Folder C:\Program Files (x86)\DELL CUSTOMER CONNECT
Preinstalled.DellCustomerConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellQuickset Folder C:\Program Files\DELL\QUICKSET
Preinstalled.DellQuickset Folder C:\Windows\DELL\QUICKSET
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|QuickSet
Preinstalled.DellQuickset Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{87CF757E-C1F1-4D22-865C-00C6950B5258}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportCenter Folder C:\Program Files\DELL SUPPORT CENTER
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5EBBC1DA-975F-44A0-B438-F325BCD45577}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3983B469-D165-4245-B5BC-CE57C1E6CF62}
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCDoctorBackgroundMonitorTask
Preinstalled.LenovoThinkVantageToolbox Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PC-Doctor for Windows
Preinstalled.LenovoThinkVantageToolbox Task C:\Windows\System32\Tasks\PCDOCTORBACKGROUNDMONITORTASK
Preinstalled.MyDell Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dell Support Center



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Rudy]

Nalezené položky smažte, restartujte PC a dejte nové logy FRST+Addition.

[jack68]

Zdravim a posilam
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by Dell_tatka (18-01-2020 10:06:49)
Running from C:\Users\Dell_tatka\Desktop
Windows 10 Home Version 1903 18362.592 (X64) (2019-07-26 05:12:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-139710159-428793708-3185880871-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-139710159-428793708-3185880871-503 - Limited - Disabled)
Dell_tatka (S-1-5-21-139710159-428793708-3185880871-1001 - Administrator - Enabled) => C:\Users\Dell_tatka
Guest (S-1-5-21-139710159-428793708-3185880871-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-139710159-428793708-3185880871-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a914536c-bd41-479c-96aa-dee4a9639c22}) (Version: 21.10.1 - Intel Corporation)
Dell Digital Delivery (HKLM-x32\...\{4B38FF9D-7308-411D-93BF-CCF259B476ED}) (Version: 3.5.2013.0 - Dell Products, LP)
Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan)
Dropbox 20 GB (HKLM-x32\...\{736A97C6-8766-3699-84A9-71736C5E0CE3}) (Version: 3.1.11.0 - Dropbox, Inc.)
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.1.6664.10 - PC-Doctor, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.0.118 - Foxit Software Inc.)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.13.1.30 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Network Scanner version 4.0.0.199 (HKLM-x32\...\Network Scanner_is1) (Version: 4.0.0.199 - LizardSystems)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Ovládací panel NVIDIA 391.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.25 - NVIDIA Corporation) Hidden
Ovladač skeneru SHARP MFP TWAIN K (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 1.00.000 - SHARP)
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
PDP 2020.01 (HKLM-x32\...\Podnikový a domácí právník 2020_is1) (Version: - )
PhotoFiltre Studio X (HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\PhotoFiltre Studio X) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
Printer Status Monitor Version 4.2.0 (HKLM-x32\...\Printer Status Monitor) (Version: 4 - SHARP)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Registrace produktu (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:) Hidden
Registrace produktu Dell (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Název společnosti:)
SHARP MX/MX-M/DX Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
STORMWARE POHODA Start CZ (HKLM-x32\...\{9048A3CC-D8F1-46FD-91D4-1D157BE71447}) (Version: 11601.12 - STORMWARE)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{139493B2-F1BC-4F05-A974-B49297C1EB04}) (Version: 1.1.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_SK_is1) (Version: 18.0.1.4 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-01] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-01-08] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxDTCM.dll [2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Programy\WinRAR\rarext32.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2016-03-04 17:31 - 2015-06-02 18:51 - 000127057 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh3.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000143449 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\Sh4.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000127062 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Adapters\ShDevice.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000770048 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSNMP2.dll
2016-03-04 17:31 - 2015-06-02 18:50 - 000106496 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\CMSnmpWrapper.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000061520 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\MIBaccs.dll
2016-03-04 17:31 - 2015-07-28 17:38 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh3CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:38 - 000077824 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResSh4CSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000094208 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Resources\ResShDeviceCSY.DLL
2016-03-04 17:31 - 2015-07-28 17:39 - 000090112 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\resources\resSMON2CSY.dll
2016-03-04 17:31 - 2015-06-02 18:44 - 000131072 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\SMONIPRV.dll
2016-03-04 17:31 - 2015-06-02 18:51 - 000028752 ____N () [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\smonpdb.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000006144 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\discoveryps.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2018-01-10 07:33 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2018-01-10 07:33 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2018-01-10 07:33 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2018-01-10 07:33 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2016-01-07 10:47 - 2016-06-14 21:01 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2011-12-22 23:51 - 2011-12-22 23:51 - 000786944 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SNMPSvcs.dll
2011-12-15 16:57 - 2011-12-15 16:57 - 000310784 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ValMgr.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-05-29 09:05 - 2019-05-29 10:55 - 000000433 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Dell_tatka\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{43C77527-8A8E-4D5B-987C-03D383F418B2}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{071C9637-CF6F-461E-8B86-57DF5989C3E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [UDP Query User{C5D43968-36F4-4213-B016-6E17C858ACCF}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{58B3A1A2-119A-4DE4-96AB-90B076E003BD}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{CD7BF9AE-44B5-491E-AC29-DBB265E02E71}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{4627DD6A-FB29-4A81-B24E-9DC32894066D}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{EACC7C3C-6164-44F0-A86A-F0EF51CBF3F1}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{E6DD19BC-8EB7-4707-8108-30A32D7EF2B4}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Block) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [UDP Query User{AE6D0C3E-E556-4673-AD2A-6545F570DC33}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [TCP Query User{08083C2E-7EEB-4C6C-89CD-07EFEDB602E8}C:\program files (x86)\sharp\printer status monitor\smon.exe] => (Allow) C:\program files (x86)\sharp\printer status monitor\smon.exe () [File not signed]
FirewallRules: [{F626C789-9157-46E5-A1E8-D472DFB2875A}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [{14B689EE-47F9-4EE0-9439-107D75FC74A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe (Intel(R) Wireless Display -> )
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{C13CE699-DE4A-4B71-9AD8-AE91943FD78C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe (Intel(R) Wireless Display -> Intel Corporation)
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{FA1F0C9D-C24B-4688-9C4A-82E9364ED369}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{43259E2C-5155-4BA2-82E9-79DB28843A45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC847E9C-8E33-428E-861D-2DFB149493CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{6BF98FC1-EB55-48D1-B66D-F4213EE19470}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{74BEB868-02AC-40EC-8FD6-628BF054BD3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{47C4AE9F-A06B-4150-804F-5CF4A07C506F}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{0D99E45A-5114-4A57-BAE6-4D02C6000634}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{69AA6F1F-7B36-4B37-8CCB-85BE8F2F23E3}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{ADE6A743-C2B0-4F6C-BE53-536C22163ABE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [{B1A04FD5-CD24-4A48-9CCC-FD9086925FFE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:106.15 GB) (Free:5.12 GB) (5%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2020 10:04:16 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 30648; požadovaná velikost: 31384.

Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7932 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (01/18/2020 10:03:44 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 7918 ms

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function: WIPolicyActiveRelationshipTableChanged::execute
Message: Unhandled exception caught during execution of work item
Framework Event: PolicyActiveRelationshipTableChanged [44]
Policy: Active Policy [0]
Exception Function: Policy::executePolicyActiveRelationshipTableChanged
Exception Text:

DPTF Build Version: 8.2.10900.330
DPTF Build Date: May 16 2016 11:32:37
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function: EsifServices::primitiveExecuteGet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]

Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/18/2020 10:03:25 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/18/2020 09:25:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3848,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/17/2020 11:45:07 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/17/2020 10:44:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5092,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/18/2020 10:05:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Digital Delivery Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/18/2020 10:05:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Dell Customer Connect neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/18/2020 10:03:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_54acd byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/18/2020 10:03:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).

Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/18/2020 10:03:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (01/18/2020 10:03:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll


Windows Defender:
===================================
Date: 2019-10-11 09:15:18.348
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\AutoPico.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0

Date: 2019-10-11 09:15:16.300
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\Program Files\KMSpico\Service_KMS.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
Verze bezpečnostních informací: AV: 1.245.822.0, AS: 1.245.822.0, NIS: 1.245.822.0
Verze modulu: AM: 1.1.13804.0, NIS: 1.1.13804.0

CodeIntegrity:
===================================

Date: 2020-01-18 10:06:57.826
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 10:06:57.816
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-18 10:05:57.638
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-18 09:14:48.263
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-17 08:11:58.068
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-17 08:11:58.046
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-17 05:57:41.439
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-17 05:57:41.430
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 000000
Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16254.29 MB
Available physical RAM: 11728.86 MB
Total Virtual: 18686.29 MB
Available Virtual: 14086.54 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:106.15 GB) (Free:5.12 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.39 GB) (Free:928.41 GB) NTFS

\\?\Volume{8dc6a76a-60a4-4395-bb7f-f97ead963c53}\ (WINRETOOLS) (Fixed) (Total:0.88 GB) (Free:0.46 GB) NTFS
\\?\Volume{537221fb-1e09-4fc8-a093-6569b7543d8e}\ (Image) (Fixed) (Total:11.6 GB) (Free:0.44 GB) NTFS
\\?\Volume{9a51c001-1279-4ec0-bc9d-b961b90eff20}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.45 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 24B8784C)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3E66F4BB)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2020
Ran by Dell_tatka (administrator) on DELL (Dell Inc. Inspiron 7559) (18-01-2020 10:05:41)
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Platform: Windows 10 Home Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() [File not signed] C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\SHARP\Sharpdesk\SharpTray.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767944 2016-06-14] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SharpTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [FtpServer.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\FtpServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [IndexTray.exe] => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --notification-launch-id=3|0|Default|0|hxxps://www.cestujlevne.com/|p#hxxps://www.cest ... b08aecdfcd --flag-switches-begin --flag-switches-end --restore-last-session
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2016-06-13]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Printer Status Monitor.lnk [2016-03-04]
ShortcutTarget: Printer Status Monitor.lnk -> C:\Program Files (x86)\SHARP\Printer Status Monitor\Smon.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04E49419-204A-438C-A059-B335E4346E83} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {10971286-2681-434A-AD83-9DBE477AE885} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {1A2EE529-0449-4294-9845-592EFB18EADB} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1A942868-3D6D-4DE1-A3C3-F276DA35331E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {6E3C8BFF-A891-4ADE-B102-C4934836B613} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9685FE77-E6D1-4E21-9E4B-64638743A898} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
Task: {983BD77F-C68B-4357-B662-367FD7745F10} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F86F30D-53B1-4D50-BD09-C9110843DDE1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: {A8CC2AE5-AC15-461C-BE6D-F9EFC19AF08F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {BC3B138D-D504-46C8-94D8-E119A098B5E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3395BB3-1069-4272-9068-58924E1CB982} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013600 2018-06-12] (NVIDIA Corporation -> )
Task: {EB4FE8C8-8516-4F24-B5DF-2BD79B591FE9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F03C1109-9C5B-4592-B71D-75D3E3E206C7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F2F00761-97D7-4716-AA05-B3B4ABC1795A} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F3C6A751-D8E0-40C5-9E7D-4654226E1A07} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{57533889-0b01-4c5c-9e4d-20fa9865c0b4}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{dc737c9a-0fbe-4ebd-9482-610a7480c65e}: [DhcpNameServer] 18.0.0.16
Tcpip\..\Interfaces\{e76e89b9-6f70-4bcf-8f42-0181a9337366}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{f8e97a97-203e-460b-bcb1-a7f5149c06b9}: [DhcpNameServer] 185.108.120.1 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-139710159-428793708-3185880871-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]

Edge:
======
DownloadDir: C:\Users\Dell_tatka\Downloads

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://0.costsimpleplay.com; hxxps://www.cestujlevne.com; hxxps://www.planetacestovani.cz
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (Prezentace) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-04]
CHR Extension: (YouTube) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-04]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-01-06]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2018-08-21]
CHR Extension: (Tabulky) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-18]
CHR Profile: C:\Users\Dell_tatka\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36032 2019-11-08] (Dell Inc -> )
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-06-03] (Intel Corporation - pGFX -> Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-07] (Intel(R) Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-04-22] (Intel Corporation -> )
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [277192 2018-11-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-04-22] (Intel Corporation -> Intel® Corporation)
S2 Dell Customer Connect; "C:\Program Files (x86)\Dell Customer Connect\DCCService.exe" [X]
S2 DellDigitalDelivery; "C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 CertPropSvc; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-18] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-18] (Intel Corporation -> Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-18] (Intel Corporation -> Intel Corporation)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136728 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Netwtw02; C:\WINDOWS\System32\drivers\Netwtw02.sys [6723856 2016-01-21] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8728672 2019-05-03] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvdm.inf_amd64_2c7c773e20d8bcfa\nvlddmkm.sys [17538080 2018-06-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [777944 2016-03-21] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 SCardSvr; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-07] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 10:05 - 2020-01-18 10:06 - 000030550 _____ C:\Users\Dell_tatka\Desktop\FRST.txt
2020-01-18 10:05 - 2020-01-18 10:05 - 002573312 _____ (Farbar) C:\Users\Dell_tatka\Desktop\FRST64.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 008237744 _____ (Malwarebytes) C:\Users\Dell_tatka\Desktop\adwcleaner_8.0.1.exe
2020-01-18 10:02 - 2020-01-18 10:02 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup (1).exe
2020-01-17 09:06 - 2020-01-17 09:06 - 000920350 _____ C:\Users\Dell_tatka\Downloads\Geometrický plán č. 7157_63-2018.pdf
2020-01-17 09:04 - 2020-01-17 09:04 - 000026734 _____ C:\Users\Dell_tatka\Downloads\Podmínky prodeje - Kroměříž.pdf
2020-01-16 09:56 - 2020-01-16 09:56 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-16 09:56 - 2020-01-16 09:56 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-16 09:56 - 2020-01-16 09:56 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-16 09:56 - 2020-01-16 09:56 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-16 09:51 - 2020-01-16 09:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-16 09:51 - 2020-01-16 09:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-12 17:23 - 2020-01-12 17:23 - 000042134 _____ C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz.html
2020-01-12 17:23 - 2020-01-12 17:23 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Linka na kompozitní kari síť - Hodonín - Bazoš.cz_files
2020-01-12 16:56 - 2020-01-12 16:56 - 000025591 _____ C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz.html
2020-01-12 16:56 - 2020-01-12 16:56 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Sklapěčka Romanital Ercolino 1.3i - Třebíč - Bazoš.cz_files
2020-01-12 07:51 - 2020-01-12 07:51 - 000003335 _____ C:\Users\Dell_tatka\Downloads\doklady (4).txt
2020-01-10 13:16 - 2020-01-10 13:16 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054 (1).pdf
2020-01-10 13:16 - 2020-01-10 13:16 - 008666067 _____ C:\Users\Dell_tatka\Downloads\DV_190056.pdf
2020-01-10 13:14 - 2020-01-10 13:14 - 001052755 _____ C:\Users\Dell_tatka\Downloads\DV_200001.pdf
2020-01-10 13:12 - 2020-01-10 13:12 - 023463538 _____ C:\Users\Dell_tatka\Downloads\DV_190054.pdf
2020-01-10 12:39 - 2020-01-10 12:39 - 000394312 _____ C:\Users\Dell_tatka\Downloads\studie_vymetal_blacklisting.pdf
2020-01-09 09:20 - 2020-01-09 09:20 - 000001260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Podnikový a domácí právník 2020.lnk
2020-01-09 09:20 - 2020-01-09 09:20 - 000001248 _____ C:\Users\Public\Desktop\Podnikový a domácí právník 2020.lnk
2020-01-09 09:18 - 2020-01-09 09:18 - 000000000 ____D C:\Program Files (x86)\LEGIS
2020-01-07 08:21 - 2020-01-07 08:21 - 001883976 _____ (Malwarebytes) C:\Users\Dell_tatka\Downloads\MBSetup.exe
2020-01-06 10:10 - 2020-01-18 10:06 - 000000000 ____D C:\FRST
2020-01-06 08:57 - 2020-01-06 08:57 - 000000000 ____D C:\Users\Dell_tatka\Downloads\backups
2020-01-06 08:56 - 2020-01-06 08:56 - 000388608 _____ (Trend Micro Inc.) C:\Users\Dell_tatka\Downloads\HijackThis.exe
2020-01-04 12:46 - 2020-01-04 12:46 - 000145874 _____ C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:46 - 2020-01-04 12:46 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Montáže sádrokartonů Veselí nad Moravou • Firmy.cz_files
2020-01-04 12:36 - 2020-01-04 12:36 - 000204684 _____ C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz.html
2020-01-04 12:36 - 2020-01-04 12:36 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Tesařství, pokrývačství a klempířství Veselí nad Moravou • Firmy.cz_files
2020-01-03 09:09 - 2020-01-03 09:09 - 000000185 _____ C:\Users\Dell_tatka\Downloads\doklady (3).txt
2020-01-02 11:02 - 2020-01-02 11:02 - 000000037 _____ C:\Users\Dell_tatka\Downloads\doklady (2).txt
2019-12-27 12:06 - 2019-12-27 12:06 - 001190931 _____ C:\Users\Dell_tatka\Downloads\03PT-003572 - Smlouva-a.pdf
2019-12-27 08:48 - 2019-12-27 08:48 - 000000597 _____ C:\Users\Dell_tatka\Documents\iBRIDGE Photos – Veselí ČS
2019-12-25 11:39 - 2019-12-25 11:39 - 000072453 _____ C:\Users\Dell_tatka\Downloads\Cenik_sluzeb_TD.pdf
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D9D526E4-4469-47D1-A5F7-65696A7980DD}
2019-12-22 09:18 - 2019-12-22 09:18 - 000000000 ____D C:\WINDOWS\{D7BFF4AE-10EB-46B8-9A9A-5E8FEE1EFB86}
2019-12-20 13:39 - 2019-12-20 13:41 - 000000000 ____D C:\Users\Dell_tatka\Desktop\fotky 2019

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 10:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2020-01-18 10:04 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-18 10:03 - 2019-07-26 06:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 10:03 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-18 10:03 - 2017-05-11 05:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-18 10:03 - 2016-03-04 16:27 - 000000000 __SHD C:\Users\Dell_tatka\IntelGraphicsProfiles
2020-01-18 10:03 - 2016-03-04 15:21 - 000000000 ____D C:\Program Files (x86)\Dell
2020-01-18 10:03 - 2016-01-07 10:37 - 000000000 ____D C:\WINDOWS\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2020-01-18 10:03 - 2016-01-07 10:35 - 000000000 ____D C:\Program Files\Dell
2020-01-18 10:03 - 2016-01-07 10:08 - 000000000 ____D C:\ProgramData\Dell
2020-01-18 09:46 - 2018-04-26 07:39 - 000000000 ____D C:\Users\Public\SmartPSS
2020-01-18 09:22 - 2016-03-04 16:50 - 000000000 ____D C:\Users\Dell_tatka\Documents\Soubory aplikace Outlook
2020-01-17 12:14 - 2019-07-26 06:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-17 06:48 - 2016-03-04 14:44 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-17 06:48 - 2016-03-04 14:44 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-01-17 06:02 - 2019-07-26 06:14 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-17 06:02 - 2019-03-19 12:55 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-17 06:02 - 2019-03-19 12:55 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-17 06:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-17 05:59 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-17 05:54 - 2019-07-26 06:01 - 000433232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-16 12:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-16 10:00 - 2016-03-04 17:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-16 09:58 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-16 09:58 - 2016-03-04 17:09 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-16 09:48 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-16 08:40 - 2019-11-20 09:54 - 000000000 ____D C:\Users\Dell_tatka\Desktop\Česká Spořitelna Veselí
2020-01-16 06:20 - 2017-11-24 06:34 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\Packages
2020-01-14 08:29 - 2016-06-09 08:34 - 000000000 ____D C:\Users\Dell_tatka\Desktop\scan
2020-01-14 06:22 - 2016-05-24 10:43 - 000000000 ____D C:\Users\Dell_tatka\AppData\Roaming\vlc
2020-01-07 08:22 - 2017-03-22 10:25 - 000000000 ____D C:\AdwCleaner
2020-01-06 08:56 - 2016-03-04 16:27 - 000000000 ____D C:\Users\Dell_tatka\AppData\Local\VirtualStore
2020-01-06 06:56 - 2019-11-20 09:57 - 000000000 ____D C:\Users\Dell_tatka\Desktop\AKE vše
2020-01-02 07:44 - 2017-12-03 07:15 - 000032231 _____ C:\Users\Dell_tatka\Desktop\OSKOL Spotřeba energií.xlsx
2019-12-27 09:21 - 2019-06-19 14:06 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2019-12-22 07:22 - 2018-11-10 10:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
C:\Program Files\KMSpico
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[jack68]

zdravim

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Dell_tatka (19-01-2020 08:49:08) Run:1
Running from C:\Users\Dell_tatka\Desktop
Loaded Profiles: Dell_tatka (Available Profiles: Dell_tatka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProesses:
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{95423BA3-EF06-4AEC-8800-D51CD361E06A}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe No File
FirewallRules: [{17317716-F47E-489E-AEF9-958155AA5BAF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{66ACB363-159C-4C7D-8AA3-913FDF06AA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{DC9908B4-A5DA-410E-96BE-66A52896A7AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
FirewallRules: [UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe] => (Allow) C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe No File
C:\Program Files\KMSpico
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {6e6b3076-f1f5-11e7-9c26-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc29b-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
HKU\S-1-5-21-139710159-428793708-3185880871-1001\...\MountPoints2: {f21cc481-ba5a-11e9-9c71-e094678fa420} - "E:\AutoRun.exe"
Task: {14650F43-B992-4118-ACC9-E1E0E60801D8} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {31CDA273-9065-4C80-944A-BA08FB1DF270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {32068555-180C-4F88-8229-5BDE044EAA9E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {4BE2D38A-3822-4253-AA0F-ADBC10130A04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-04] (Google Inc -> Google Inc.)
Task: {939162BD-F937-443E-B0F8-9A15ACB6B83C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> DefaultScope {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =
SearchScopes: HKU\S-1-5-21-139710159-428793708-3185880871-1001 -> {F7CAC1BE-A819-461E-B11A-76C0E8014707} URL =

EmptyTemp:
End
*****************

CloseProesses: => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{95423BA3-EF06-4AEC-8800-D51CD361E06A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17317716-F47E-489E-AEF9-958155AA5BAF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D35D9F3A-8937-4B10-95C4-10BDD24A07A3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66ACB363-159C-4C7D-8AA3-913FDF06AA17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DC9908B4-A5DA-410E-96BE-66A52896A7AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05939026-83F2-4A24-B769-C447CC62B6C3}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2090841-236F-4956-9F85-BB85A3ACE5E4}C:\users\dell_tatka\appdata\local\packages\microsoft.microsoftedge_8wekyb3d8bbwe\tempstate\downloads\winbox64 (1).exe" => removed successfully
C:\Program Files\KMSpico => moved successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e6b3076-f1f5-11e7-9c26-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc29b-ba5a-11e9-9c71-e094678fa420} => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f21cc481-ba5a-11e9-9c71-e094678fa420} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14650F43-B992-4118-ACC9-E1E0E60801D8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31CDA273-9065-4C80-944A-BA08FB1DF270}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32068555-180C-4F88-8229-5BDE044EAA9E}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BE2D38A-3822-4253-AA0F-ADBC10130A04}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939162BD-F937-443E-B0F8-9A15ACB6B83C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-139710159-428793708-3185880871-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F7CAC1BE-A819-461E-B11A-76C0E8014707} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 140053435 B
Java, Flash, Steam htmlcache => 863 B
Windows/system/drivers => 2365436 B
Edge => 11639201 B
Chrome => 473728125 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 105576 B
NetworkService => 107168 B
Dell_tatka => 203084310 B

RecycleBin => 13444927 B
EmptyTemp: => 815.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:55:47 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[jack68]

Zdravim.
Dekuji pomochlo. Posilam penize .Diky
Mohl bych poprosit o kontrolu logu meho pc. Obcas mi zamrzne obrazovka a po cca 5 sekundach se zase rozjede
Dekuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Michal (22-01-2020 06:30:07)
Running from C:\Users\Michal\Desktop
Windows 10 Pro Version 1903 18362.592 (X64) (2019-07-02 14:23:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2709589950-1360842280-2128968388-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2709589950-1360842280-2128968388-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2709589950-1360842280-2128968388-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2709589950-1360842280-2128968388-501 - Limited - Disabled)
Michal (S-1-5-21-2709589950-1360842280-2128968388-1001 - Administrator - Enabled) => C:\Users\Michal
WDAGUtilityAccount (S-1-5-21-2709589950-1360842280-2128968388-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 12 Professional (HKLM-x32\...\{F12000FE-0001-0000-0000-074957833700}) (Version: 12.1.426 - ABBYY Production LLC)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{6ABB4DB7-5E8F-4F7A-AAF2-C7B4337B7161}) (Version: 2.5.3233 - Famatech)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
Backup and Sync from Google (HKLM\...\{7B473CF8-CE4F-4AE1-A86D-CFBDDCC85FAF}) (Version: 3.47.8667.1399 - Google, Inc.)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00) (HKLM\...\88EB56038379B8B7DCFB4D2448A60F52E064B265) (Version: 10/22/2009 2.06.00 - FTDI)
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (ssudmdm) Modem (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Balíček ovladače systému Windows - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum Plug-ins 11 for Cyberlink (HKLM\...\{7E607B62-1788-40CB-BADB-DC1511627F6C}_is1) (Version: - Boris FX, Inc.)
Camera Stream Controller (HKLM-x32\...\Camera Stream Controller) (Version: 1.0.0.114 - VIVOTEK INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CyberLink ActionDirector 3 (HKLM-x32\...\{49483CD6-CB26-49EB-8C43-B0EA00927B5F}) (Version: 3.0.2219.0 - CyberLink Corp.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.2101.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
D-G Unlocker Tools v.1.0 (HKLM-x32\...\{1B0C7840-DEE7-4AE0-965D-6B3892286A68}) (Version: 1.00.0000 - D&G Unlocker)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.1.0 - IObit)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 19.300 (20190319_12) - Solitea Česká republika, a.s.)
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FastShare.cz verze 2.4.0 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.4.0 - )
Firebird 2.5.9.27139 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.9.27139 - Firebird Project)
Freedome VPN (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2915.0 - F-Secure Corporation)
Freedome VPN (source) (HKLM-x32\...\{83A4BF20-6745-437C-98D8-3C4B94D174EB}) (Version: 1.16.0612 - Acer)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 3.32.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GoPro Quik (HKLM\...\{8B7D1DD1-5CA4-4B6E-9A86-3EA9E3601DF3}) (Version: 0.1.841 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{f1aab631-23ee-456b-a5ef-6e4d9d638068}) (Version: 2.6.2.841 - GoPro, Inc.)
I.CA Diagnostic (HKLM-x32\...\{6969F77F-418C-448B-9CA2-D7304112609E}) (Version: 1.2.8.0 - První certifikační autorita, a.s.) Hidden
I.CA Diagnostic (HKLM-x32\...\I.CA Diagnostic 1.2.8.0) (Version: 1.2.8.0 - První certifikační autorita, a.s.)
I.CA Maintenance (HKLM-x32\...\{29BC7C1E-3AEC-47AB-B820-FC16D759F1B3}) (Version: 1.3.0.0 - První certifikační autorita, a.s.) Hidden
I.CA Maintenance (HKLM-x32\...\I.CA Maintenance 1.3.0.0) (Version: 1.3.0.0 - První certifikační autorita, a.s.)
I.CA PKIServiceHost (HKLM\...\{446955F6-A94B-4293-B646-43A9ADD4D62B}) (Version: 1.2.5.0 - První certifikační autorita, a.s.) Hidden
I.CA PKIServiceHost (HKLM-x32\...\I.CA PKIServiceHost 1.2.5.0) (Version: 1.2.5.0 - První certifikační autorita, a.s.)
I.CA SecureStore 4.5 (HKLM\...\{974DE7F0-8CE5-4269-9395-2E1314A7E8CB}) (Version: 4.5 - První certifikační autorita, a.s.)
Intel Driver && Support Assistant (HKLM-x32\...\{3EAAD5EA-1D87-442D-8426-FD4FCE62119D}) (Version: 19.12.50.5 - Intel) Hidden
Intel(R) 2D Imaging Setup Wizard (HKLM\...\{ac212bd0-e091-426e-9db4-ee9c07bb0e93}) (Version: 30.10586.7035.1976 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{A9133872-C9FE-45CC-8F01-D1947B0F09EA}) (Version: 2.4.04755 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation)
Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{8d174f37-ea1a-4e4d-be82-c10521a3c687}) (Version: 19.12.50.5 - Intel)
Intel® Integrated Sensor Solution (HKLM-x32\...\{bb5db3f1-f986-40a9-8a7e-c361a35d9b90}) (Version: 3.0.30.1044 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
ISS_Drivers_x64 (HKLM\...\{573398AD-0A98-44AA-9CA7-E8257F495514}) (Version: 3.0.30.1044 - Intel Corporation) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.12325.20298 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue)
NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue)
O&O Defrag Professional (HKLM\...\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}) (Version: 19.0.87 - O&O Software GmbH)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.11.00.445 - Huawei Technologies Co.,Ltd)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12325.20298 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20288 - Microsoft Corporation) Hidden
Ontrack® EasyRecovery™ Professional for Windows (HKLM-x32\...\Ontrack® EasyRecovery™ Professional for Windows_is1) (Version: 12.0.0.2 - Kroll Ontrack)
Open Transport Tycoon Deluxe 0.7.5 (HKLM-x32\...\Open Transport Tycoon Deluxe 0.7.5) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC-CCID (HKLM\...\{3DCDFCDB-4D96-4CF0-9BB3-C91DAE9073F3}) (Version: 2.0.0 - Gemalto)
PDFsam Basic (HKLM\...\{C3C9A143-931C-42FD-AAC7-26E7B5502BF8}) (Version: 4.0.4.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.115.3 - proDAD GmbH)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10245 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.212 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Realtek PC Camera Driver (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10586.11224 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
SHARP MFP TWAIN K Scanner Driver (HKLM-x32\...\SHARP MFP TWAIN K Scanner Driver) (Version: 4.01.05 - SHARP)
SHARP MX/MX-M Series PC-Fax Driver (HKLM-x32\...\SHARP MX-2310U PC-Fax Driver) (Version: 1.00.000 - SHARP)
SHARP MX/MX-M/DX Series Printer Driver (HKLM-x32\...\SHARP MX-2310U Printer Driver) (Version: 1.00.000 - SHARP)
Sharpdesk (HKLM-x32\...\{2A30AFBD-6DA5-499F-A83B-7CB2DFF21C23}) (Version: 3.3 - SHARP CORPORATION)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Služba Xperia Companion (HKLM\...\{7D8E3C78-DA8C-4BBC-86BC-6A42068EE7C2}) (Version: 1.3.2.0 - Sony) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
SmartPSS 2.02.1 (HKLM-x32\...\SmartPSS) (Version: 2.02.1 - )
Synology Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version: 1.4.0.080 - Synology)
TAGRA 137 (HKLM-x32\...\{AD8747CD-02E9-4900-986E-B5C05A23ABCD}) (Version: 137 - Truck Data Technology s.r.o.) Hidden
TAGRA 137 (HKLM-x32\...\TAGRA 137 137) (Version: 137 - Truck Data Technology s.r.o.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.52a - Ghisler Software GmbH)
Total PDF Printer (HKLM-x32\...\Total PDF Printer_is1) (Version: - Softplicity, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vodafone Mobile Broadband (HKLM-x32\...\{1533A6AC-7984-4EA6-9A68-23C2537D3250}) (Version: 1.2.7.56241 - Vodafone)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{34D872B2-47FB-40A4-8C3F-915EA14F2586}) (Version: 1.3.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{f494d3ac-4796-4bbd-b7a0-1873600d110d}) (Version: 1.3.2.0 - Sony)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1704.2.22 - ZONER software)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-19] (MAGIX)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{34EC519D-F525-2154-E03D-BF10F78ECA8E}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\ [0000-00-00 00:00]
CustomCLSID: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-12-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-12-22] (Google LLC -> Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxDTCM.dll [2019-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2019-12-11] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [FineReader12ContextMenu] -> {55344AC6-630B-430C-B292-C7BE21F90061} => C:\Program Files (x86)\ABBYY FineReader 12\FRIntegration.x64.dll [2014-07-14] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2709589950-1360842280-2128968388-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-09-06] (proDAD GmbH -> proDAD GmbH)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-30 16:00 - 2019-01-30 16:00 - 001106432 _____ ( Prvni certifikacni autorita, a.s.) [File not signed] C:\WINDOWS\system32\SecureStoreCore.dll
2017-01-02 17:04 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2011-12-23 00:01 - 2011-12-23 00:01 - 000930304 _____ () [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SCprMfpif.dll
2016-07-07 09:57 - 2016-07-07 09:57 - 000035328 _____ () [File not signed] C:\Program Files (x86)\Synology\Photo Station Uploader\ShellExtHandler.dll
2017-09-22 12:07 - 2009-06-23 03:42 - 000043008 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2017-09-22 12:07 - 2009-01-10 19:32 - 000011362 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2017-09-22 12:07 - 2013-08-31 06:44 - 002417152 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2017-09-22 12:07 - 2013-08-31 06:46 - 001148416 _____ () [File not signed] C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000114176 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ctypes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000173056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_elementtree.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001808896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_hashlib.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000032256 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_multiprocessing.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000046080 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_psutil_windows.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000047616 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_socket.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 002241024 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_ssl.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026112 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\_yappi.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000080896 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\bz2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000016384 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\common.time34.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000007680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\hashobjs_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000301568 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\PIL._imaging.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000169472 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pyexpat.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001084416 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pysqlite2._sqlite.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000548864 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pythoncom27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137728 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\pywintypes27.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000010752 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\select.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\thumbnails_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000689664 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\unicodedata.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000119808 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\usb_ext.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000128512 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32api.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000438784 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32com.shell.shell.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000011776 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32crypt.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000023040 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32event.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000149504 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32file.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000223232 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32gui.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000048128 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32inet.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000029696 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pdh.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000027648 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32pipe.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000044032 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32process.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32profile.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000136192 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32security.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000026624 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\win32ts.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000034816 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.conditional.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000038400 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.connectivity.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000071680 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.device_monitor.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000109056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.volumes.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000020480 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\windows.winwrap.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001325056 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._controls_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001489408 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._core_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001007104 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._gdi_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000103424 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._html2.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 000916992 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._misc_.pyd
2020-01-22 06:07 - 2020-01-22 06:07 - 001039872 _____ () [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wx._windows_.pyd
2019-01-30 16:02 - 2019-01-30 16:02 - 000482304 _____ () [File not signed] C:\WINDOWS\system32\SecureStoreCspRes.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000552960 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbclient.dll
2019-08-27 08:16 - 2019-06-20 10:07 - 000007680 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\ib_util.dll
2019-08-27 08:16 - 2019-06-20 10:08 - 000925696 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\intl\fbintl.DLL
2019-08-27 08:16 - 2019-06-20 10:05 - 000438272 _____ (Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\plugins\fbtrace.dll
2019-01-30 11:14 - 2019-01-30 11:14 - 000944128 _____ (Free Software Foundation) [File not signed] C:\WINDOWS\system32\libiconv.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icudt30.dll
2019-08-27 08:16 - 2019-06-20 10:01 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\icuuc30.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\python27.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001635840 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2011-12-22 23:44 - 2011-12-22 23:44 - 000257024 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FlowManager.dll
2011-12-15 16:54 - 2011-12-15 16:54 - 000563200 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\mfpngbh.dll
2011-12-23 00:05 - 2011-12-23 00:05 - 000596480 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\ProfMgr.dll
2011-12-22 23:43 - 2011-12-22 23:43 - 000434176 _____ (SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\Resources\resndkENU.dll
2016-12-16 13:44 - 2011-02-07 12:41 - 000029184 _____ (SHARP CORPORATION) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\crprproc.dll
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2019-08-16 14:29 - 2019-08-16 14:29 - 001902080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2014-08-29 08:54 - 2014-08-29 08:54 - 001659904 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\WINDOWS\system32\LIBEAY32_101.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_net_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxbase30u_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_adv_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_core_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_html_vc90_x64.dll
2020-01-22 06:07 - 2020-01-22 06:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Michal\AppData\Local\Temp\_MEI979682\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\OEM:{6D006200-5200-6F00-5700-6F0061003900} [664]
AlternateDataStreams: C:\ProgramData\TEMP:24C8262A [121]
AlternateDataStreams: C:\Users\Michal\Documents\Nová složka:{6D006200-5200-6F00-5700-6F0061003900} [664]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxp://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.capgemini.com -> hxxps://*.capgemini.com
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.cz -> hxxps://*.csob.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.csob.sk -> hxxps://*.csob.sk
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.erasvet.cz -> hxxps://*.erasvet.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxp://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.ica.cz -> hxxps://*.ica.cz
IE trusted site: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\*.postovnisporitelna.cz -> hxxps://*.postovnisporitelna.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2018-05-15 05:33 - 000000887 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\Pictures\bear.jpg
DNS Servers: 185.108.120.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "WinSat"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E3AF2B2B-8145-453B-8C43-EFB79393F1A8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55861F68-BDF0-4EEB-8F84-C54689933DA1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{7181DE29-3845-4522-8A7C-2CF5F2AF58AD}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{A1B87635-EC33-45AB-A3B8-01A3B4716F79}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{ADF76EA7-DAD0-4A4D-AE45-44BBED4C32FB}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{D5BB6F63-AC13-49EE-8259-C2487031E6F7}C:\windows\files\bin\kmss.exe] => (Allow) C:\windows\files\bin\kmss.exe No File
FirewallRules: [{14789CD3-EFDC-459F-827D-F35A8BE3A3CF}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{24D6F23D-D4A2-4B7F-BB02-6609EBC49558}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{0074F479-821A-469E-810C-C2854D187BF3}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{7BF08C4C-6621-4639-B3BF-2CE7B100D35C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [UDP Query User{6D56B91E-0F80-4D4A-A89B-E2D78F96450E}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [TCP Query User{2ACAAC43-2FC2-43F6-A562-E3EF041BFA25}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{02943FDD-0932-4DE0-80ED-777151950726}] => (Block) %ProgramFiles% (x86)\Ontrack\EasyRecovery\OntrackEasyRecoveryforWindows.exe No File
FirewallRules: [{4E818203-4858-4413-94D2-B86AE43784A6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{2EECF095-B604-47AB-A281-B9AC7DBB26E4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe No File
FirewallRules: [{78F61F06-49B4-4CEE-974E-968ED7E5B53A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [{14C8FA55-CCAF-4319-8F53-DF883B7A7C98}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe No File
FirewallRules: [UDP Query User{441E5441-DF25-4D1E-80B5-EBCC8B240881}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [TCP Query User{E0BA4DC5-64C3-4FD0-9BAA-6DC343789112}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{670FEB18-F9BC-40BB-9EF9-55317F31E651}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A5373FCE-75A6-4D4B-A7CC-F2D89351B796}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [{82F46973-46FD-4A60-A0F2-53885339D3FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{225914F4-93E7-4B3F-A965-AE6605A0B219}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9E6AEFE-B24B-48ED-A0D4-60C67F7A2C1F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5B6E2EA6-4082-448B-ABAF-23FAA6AF784D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{47D11E2C-1444-438E-8D7B-E5FDD1B31B98}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [TCP Query User{85183841-7B89-4ECD-9E29-C7F1A24F398E}C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe] => (Allow) C:\osobni\vypal\!!\!!\zaloha dreambox\inetbox_dm500\image nemesis\server_mario\dreamset\dreamset.exe (John V.) [File not signed]
FirewallRules: [{983017BE-4068-4E6D-BF85-5BF934651B92}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96B95ECC-3E1F-4507-8ADA-340459D63CFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{713D7167-4CD3-4053-B7D8-7EB96AB18B3E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{7071ED03-9CA0-442F-8182-3E8F20D924C1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{AC91C1E6-0FF9-4994-95FD-6BC983E6C2A2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8F0059E3-1F25-47E8-B5D7-3958643B4EF0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{5D8654AC-AA0D-4C65-99FA-D6949912D6B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{24D148C9-2BAF-4726-A62D-1331570879BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [TCP Query User{AFDDAFC6-2DFA-414E-B1AD-CBA55D33CB6C}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{8E618919-F764-4C7F-A098-A212E7EE41CA}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{9049F9E8-C289-4A66-98A0-1FAA0156BDF4}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B31D62C6-249A-4662-999F-ACAFD6FC6496}D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe] => (Allow) D:\aaa\micooffi20132016insv53\office 2013-2016 c2r install v5.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{6867770C-6CDE-4E49-A59C-EC53C0A39D99}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [UDP Query User{6FBECDF5-F86F-4A52-AABF-F3A62E58918D}C:\program files (x86)\synology\photo station uploader\mediauploader.exe] => (Allow) C:\program files (x86)\synology\photo station uploader\mediauploader.exe (Synology Inc. -> Synology Inc.) [File not signed]
FirewallRules: [{67ECED66-0FE0-4C2E-BEEB-B85037C54D8A}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Mobile Communications AB -> Sony) [File not signed]
FirewallRules: [TCP Query User{65776CE7-162A-476F-9010-C6FC96769FD3}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [UDP Query User{0C02A2E6-3392-41EE-8908-01F62923A88E}C:\program files (x86)\sharp\sharpdesk\ftpserver.exe] => (Allow) C:\program files (x86)\sharp\sharpdesk\ftpserver.exe (SHARP CORPORATION) [File not signed]
FirewallRules: [TCP Query User{C7567B0F-1496-4584-BE84-3C5DAC8C5F22}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{11B79E69-C71A-4E58-9DEF-B7BF7FA7FE89}C:\programy\totalcmd\totalcmd.exe] => (Allow) C:\programy\totalcmd\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{F376D13E-5B03-44A4-A711-4068A5B0768F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{818D271F-5A9F-4E91-A7F6-B557D12BD6B1}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [UDP Query User{B8553B82-F9E1-45EB-965B-BDF49830E2DD}D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe] => (Allow) D:\programy\2013-2016 c2r install v5.9.3\files\bin\kmss.exe No File
FirewallRules: [TCP Query User{3D897D9D-05F6-40B0-91ED-51A13648C129}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [UDP Query User{3B8A569F-2E7E-45F8-A2AB-F8152276074E}C:\program files\winbox.exe] => (Allow) C:\program files\winbox.exe () [File not signed]
FirewallRules: [TCP Query User{A2566036-A34E-46F5-A04A-553032264A95}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [UDP Query User{EC8A2355-408C-4B33-A3C7-04E58582D2C7}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe] => (Allow) C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe () [File not signed]
FirewallRules: [{E9111D54-C349-46B5-833D-5B5F13D9C6DF}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{091CD5ED-6754-4A2F-AABA-F8B61138AB1E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFAB0A0C-0EAA-4F44-90F7-2C26BDDE3F2F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{54C133D9-F324-4CA8-ADD7-99A868B16196}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{4599629E-B390-4A25-BC3D-5A7531F388DF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{D2974607-BB01-4F5E-A036-997C38BF4520}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{542101AA-3B96-42C5-8902-76D8694FD319}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9372A9C9-DBC4-46F7-A95B-B190694D3EE6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FE09E51-2C92-4AB7-85B2-240F97F5AE12}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0C465DE5-4D60-47A3-9F2F-24FF6F7BF640}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67A8759C-0841-4764-A92A-A2187D7EF857}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F818AB4D-F2FA-4E3D-8FC1-FF14F364DF52}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFDDC46E-B4E0-4B85-8973-567EB732DC21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6D31E743-D1B6-49E6-9683-81A7668A5C07}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D3B3A5C3-A18D-43FE-A006-41FABCD380E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CFD29B5-392A-4361-825D-EED97B19DE33}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{729DADFF-C490-43E6-8852-BCEF2E94B7FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F2E70540-0066-4AE6-9EB5-9EDF654E228C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7181734-735E-48BD-9F1C-CF0B46932626}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{90B0A9D2-EF97-45A8-8FFD-F26BC480351F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5452DCF8-33E0-4DC3-BB61-62F44E3697BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

01-01-2020 11:45:34 Naplánovaný kontrolní bod
09-01-2020 08:13:32 Naplánovaný kontrolní bod
17-01-2020 07:05:56 Naplánovaný kontrolní bod
21-01-2020 13:34:40 Installed TAGRA 137

==================== Faulty Device Manager Devices ============

Name: Citron Hands-Free HF
Description: Role Handsfree pro hands-free profil Microsoft Bluetooth
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthHFEnum
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/22/2020 06:13:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (64760,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/22/2020 06:09:05 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: MICHAL)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.

Error: (01/21/2020 04:28:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]

Error: (01/21/2020 03:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5

Error: (01/21/2020 03:56:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FRP Remover Cracked.exe, verze: 1.0.0.0, časové razítko: 0x58373bba
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.18362.535, časové razítko: 0x5bd9df62
Kód výjimky: 0xe0434f4d
Posun chyby: 0x001135d2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xFRP Remover Cracked.exe0
Cesta k chybující aplikaci: FRP Remover Cracked.exe1
Cesta k chybujícímu modulu: FRP Remover Cracked.exe2
ID zprávy: FRP Remover Cracked.exe3
Úplný název chybujícího balíčku: FRP Remover Cracked.exe4
ID aplikace související s chybujícím balíčkem: FRP Remover Cracked.exe5

Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance(CLSID_VSSCoordinator) došlo k neočekávané chybě. hr= 0x800401f0, Nebyla volána procedura CoInitialize.
.

Error: (01/21/2020 03:48:18 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem Coordinator nelze spustit. [0x800401f0, Nebyla volána procedura CoInitialize.
]


System errors:
=============
Error: (01/22/2020 06:05:04 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_36ff388 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/21/2020 04:32:11 PM) (Source: DCOM) (EventID: 10010) (User: MICHAL)
Description: Server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/21/2020 01:00:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_23f1904 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/20/2020 10:13:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/20/2020 10:11:44 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_8fc05 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. RunOuc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/20/2020 10:11:38 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. RunOuc bylo dosaženo časového limitu (45000 ms).

Error: (01/20/2020 06:07:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2020-01-22 06:05:31.564
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-22 06:05:31.560
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-22 06:05:31.555
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-22 06:05:31.551
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-22 06:05:31.541
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-21 06:04:50.309
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-21 06:04:50.306
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2020-01-21 06:04:50.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET NOD32 Antivirus\eamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.02 06/17/2016
Motherboard: Acer Hawaii
Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 8072.91 MB
Available physical RAM: 4214.63 MB
Total Virtual: 9352.91 MB
Available Virtual: 5182.66 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:192.57 GB) NTFS

\\?\Volume{727208f8-994f-4a0b-a32f-3f87b4511309}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.57 GB) NTFS
\\?\Volume{0a955655-14a2-47b1-8d6c-1f62e8762783}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 947150D8)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Michal (administrator) on MICHAL (Acer Switch SA5-271P) (22-01-2020 06:28:50)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: defaultuser0 & Michal)
Platform: Windows 10 Pro Version 1903 18362.592 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files\Cyberlink\PowerDirector16\PDRStyleAgent.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\Cyberlink\Shared files\RichVideo64.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Pub\PubMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Sharp Corporation) C:\Windows\System32\spool\drivers\x64\3\SS0ILMSW.EXE
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\nsapp.exe
(SHARP CORPORATION) [File not signed] C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe
(SHARP CORPORATION) [File not signed] C:\Windows\System32\spool\drivers\x64\3\SN0XRCV.exe
(Sony Mobile Communications AB -> Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Vodafone) [File not signed] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [224000 2017-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SN0XRCV] => C:\Windows\system32\spool\drivers\x64\3\SN0XRCV.exe [102400 2016-12-16] (SHARP CORPORATION) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [183088 2019-12-11] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468984 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [139624 2019-12-13] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {7ba8ff7d-decb-11e9-89b5-94e979547538} - "D:\Bolt.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {92b85ded-022b-11ea-89b8-94e979547538} - "D:\SetupVMB.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231b02-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {97231bc9-cee3-11e9-89b3-94e979547538} - "D:\AutoRun.exe"
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\...\MountPoints2: {d46ee352-3b64-11ea-89c5-94e979547538} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-08] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013B405E-A6D4-4F15-A63A-1A4A7410CBA0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {03311A20-87F3-427C-AC17-00785EED2C45} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {07E13DE4-DAF8-440C-9FBB-912915937A4A} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {0C7C2645-C9A8-467B-A4DB-E122280E4DB6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-21] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {12C486F2-4E8E-4665-BEF6-5FC6A7EB4F61} - System32\Tasks\CareCenter\SN02IPRW_Reg_HKLMRun => C:\Windows\SysWOW64\SN02SELC.exe [135168 2005-02-15] (SHARP CORPORATION) [File not signed]
Task: {19E8734B-123C-49D3-8909-8018B9326DB5} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {1B4728FD-3F79-4753-95C7-ECDD54CCCD23} - System32\Tasks\OInstall => C:\WINDOWS\OInstall.exe [8757880 2016-04-29] (WZT -> ) [File not signed]
Task: {20B4ADE5-7B6F-4221-8C17-19854113DFE0} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {22F240EC-A38C-45C9-9429-BB3243C96737} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {36928D40-161E-4692-AD2F-65CED272EE97} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\Scheduler.exe [149776 2019-11-14] (IObit Information Technology -> IObit)
Task: {3741F58F-2FB0-41E7-81DC-B8EAD6F0EAD1} - System32\Tasks\CareCenter\IndexTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\IndexTray.exe [395264 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {3B770E54-8450-474F-B16D-F4F26B1E6068} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CEEDF75-434C-423D-80B7-E4D2039F7118} - System32\Tasks\CareCenter\RtHDVBg_TrueHarmony_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {50DE449B-12E4-49D3-B58D-9D903CE5AEAD} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {621CA8BE-5494-41E1-ACF5-907FFD12BFD2} - System32\Tasks\CareCenter\Windows Mobile Device Center_Reg_HKLMRun => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {62307D36-81D1-4E28-92BD-A9EEEA151AAF} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> )
Task: {6C0B57CE-96C6-4ADF-8C60-451F6A416F3B} - System32\Tasks\CareCenter\ICAMaintenance_ICAPKIService_RegKeysRefresh_Reg_HKLMWow6432Run => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
Task: {6CCFEB7E-1B0E-4051-A14C-B3BF21E352B4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {6FEF2431-F2C4-4EE8-9A98-0ED5BEBF2A42} - System32\Tasks\CareCenter\GoogleDriveSync_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\Google\Drive\googledrivesync.exe [47773264 2019-12-22] (Google LLC -> )
Task: {7837058E-43A5-4E85-8163-1F9A2F6F3A23} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-06-25] (Acer Incorporated -> )
Task: {78DB8AEF-B8F4-45C7-B9C1-E151B4DE60CC} - System32\Tasks\CareCenter\FtpServer.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\FTPServer.exe [820224 2011-12-22] (SHARP CORPORATION) [File not signed]
Task: {7F3B1CFB-56F4-465F-B286-0099E8660008} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {8033804A-256B-4C30-9C1C-EE0CB3F5E758} - System32\Tasks\CareCenter\O&O Defrag Tray.lnk_FolderCommonAppdata => C:\WINDOWS\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico [292878 2017-10-23] () [File not signed]
Task: {94AE4D09-116E-4A24-90F1-EC4828FCEE6E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4360000 2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A74B0201-423A-484D-B669-09EFB3BF5AAB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A8C588CC-7AB6-4E05-A3CF-46896DB80D23} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC874F26-D23B-43B8-ABB2-46E3DB412019} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-16] (Google Inc -> Google Inc.)
Task: {B32F573F-41AF-4778-8606-F451709C5985} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B35E5F53-EBF5-4DAB-8E59-043375F27CD7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
Task: {BE1567DA-5957-4BC2-B956-C0E0860D7C4A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {C44FB0A0-A680-45AC-BE34-E6FBACB2158D} - System32\Tasks\CareCenter\SunJavaUpdateSched_Reg_HKLMWow6432Run => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {CA687DFD-2395-4A0F-80FF-5A11376D3B41} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {CCEF86E7-2497-4865-932C-F2283830F7A4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D96ACEE2-5A0C-41E2-BCCE-1857C83EC779} - System32\Tasks\CareCenter\CCleaner Monitoring_Reg_HKCURun_S-1-5-21-2709589950-1360842280-2128968388-1001 => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-11-21] (Piriform Software Ltd -> Piriform Ltd)
Task: {D970A157-D24B-4349-8993-E574FC6C89F8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24629104 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE9DC1CD-42F8-4031-A4F1-F237431EA743} - System32\Tasks\CareCenter\RTHDVCPL_Reg_HKLMRun => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E60CC02C-07B3-4242-877C-9235E04355E8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E926C6E1-948A-48EE-B450-F89760F06F21} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F5ED5AAF-68EA-4D2E-ADCC-CDC157461152} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-06-25] (Acer Incorporated -> )
Task: {F8AB4192-E0E3-4690-B40F-E31AEBEB8C69} - System32\Tasks\CareCenter\SharpTray.exe_Reg_HKLMWow6432Run => C:\Program Files (x86)\Sharp\Sharpdesk\SharpTray.exe [156672 2011-12-20] (SHARP CORPORATION) [File not signed]
Task: {FD0A9F01-531F-4FE9-94C6-9551F07012E8} - System32\Tasks\Driver Booster SkipUAC (Michal) => C:\Program Files (x86)\IObit\Driver Booster\7.1.0\DriverBooster.exe [7757072 2019-11-14] (IObit Information Technology -> IObit)
Task: {FEC749CF-0AA9-4EA8-A02A-473ED3C7208B} - System32\Tasks\PDRStyleAgent => C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe [99608 2018-04-18] (CyberLink Corp. -> CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{259d4b7e-9fbb-4d1a-ae02-90094bca3429}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{3070c0c4-916b-4215-86ab-a0994c786b6b}: [NameServer] 160.218.161.60 194.228.211.33
Tcpip\..\Interfaces\{bdc447da-4394-4fc9-ac32-db2dbc6e2d54}: [DhcpNameServer] 185.108.120.1 8.8.8.8
Tcpip\..\Interfaces\{c1d62724-acfb-4864-8f71-d7f2e1e8cac3}: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{f1a3292a-5ab0-4e06-80d3-5790e1d6ab8e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fa9d648b-6990-4b0c-9884-84d7bb8cffbc}: [DhcpNameServer] 10.66.216.1

Internet Explorer:
==================
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> DefaultScope {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {43B3F7A7-C57A-44F9-A4AF-C1CA78A86043} URL =
SearchScopes: HKU\S-1-5-21-2709589950-1360842280-2128968388-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {64865E5A-E8D7-44C1-89E1-99A84F6E56D0} hxxp://192.168.1.202/VVTK_Plugin_Installer.exe
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: sds - {79E0F14C-9C52-4218-89A7-7C4B0563D121} - C:\Program Files (x86)\Sharp\Sharpdesk\ExplorerExtensions.dll [2011-12-20] (SHARP CORPORATION) [File not signed]

FireFox:
========
FF DefaultProfile: rzzk17eb.default
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default [2020-01-18]
FF Extension: (Amazon Assistant for Firefox) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\abb-acer@amazon.com [2016-12-16] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\langpack-cs@firefox.mozilla.org [2016-12-16] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\rzzk17eb.default\Extensions\partnerdefaults@mozilla.com [2016-12-16] [Legacy]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-10-26] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-10-26] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-10-26] [Legacy]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-04-14] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-01-22]

Chrome:
=======
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2020-01-22]
CHR Extension: (Prezentace) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-16]
CHR Extension: (MEGA) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2020-01-16]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-16]
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2017-05-31]
CHR Extension: (Tabulky) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKU\S-1-5-21-2709589950-1360842280-2128968388-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [406504 2019-11-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [38248 2019-12-13] (IDSA Production signing key -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [145768 2019-12-13] (IDSA Production signing key -> Intel)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2245488 2019-12-11] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1855976 2019-11-15] (Intel Corporation -> Intel Corporation)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2019-06-20] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3854336 2019-06-20] (Firebird Project) [File not signed]
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-12-16] (F-Secure Corporation -> F-Secure Corporation)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-06-11] (GoPro Media, Inc. -> )
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2019-11-15] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [File not signed]
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18744 2019-04-15] (Intel(R) Software Development Products -> Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] (Huawei Technologies Co., Ltd. -> )
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1711352 2015-09-14] (O&O Software GmbH -> O&O Software GmbH)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191768 2019-11-15] (Qualcomm Atheros -> Qualcomm Technologies Inc.)
R2 RapiMgr; C:\WINDOWS\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2017-06-23] (CyberLink Corp. -> CyberLink)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe [2156512 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [204088 2019-08-16] (Intel(R) Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [877368 2019-08-16] (Intel(R) Software Development Products -> )
R2 VmbNotifierService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\VmbNotifierService.exe [185344 2017-10-21] (Vodafone) [File not signed]
R2 WcesComm; C:\WINDOWS\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony Mobile Communications AB -> Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [90536 2019-07-14] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 dlusbaudio; C:\WINDOWS\System32\drivers\dlusbaudio_x64.sys [238320 2017-05-29] (DISPLAYLINK -> DisplayLink Corp.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-05-13] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-11-01] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-11-01] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-11-01] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-11] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [402264 2019-11-15] (Intel Corporation -> Intel Corporation)
S3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-27] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2012-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [30832 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [91648 2013-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-11-15] (Martin Malik - REALiX -> REALiX(tm))
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iactrllogic; C:\WINDOWS\System32\drivers\iactrllogic64.sys [182184 2019-11-15] (Microsoft Corporation -> Intel(R) Corporation)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98760 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1035744 2019-11-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [155288 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [76912 2016-03-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-11-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 ov5670; C:\WINDOWS\System32\drivers\ov5670.sys [159104 2019-11-15] (Intel Corporation -> Intel Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2371864 2019-11-15] (Qualcomm Atheros -> Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2019-11-15] (Acer Incorporated -> Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [450152 2019-11-15] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3149832 2017-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41816 2019-08-16] (Intel Corporation -> )
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [56840 2019-11-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2019-11-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2019-09-11] (Microsoft Windows -> Microsoft Corporation)
R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [41536 2019-11-15] (Intel(R) Software -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-22 06:28 - 2020-01-22 06:29 - 000038972 _____ C:\Users\Michal\Desktop\FRST.txt
2020-01-22 06:28 - 2020-01-22 06:29 - 000000000 ____D C:\FRST
2020-01-22 06:28 - 2020-01-22 06:28 - 002572800 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D&G Unlocker
2020-01-21 16:27 - 2020-01-21 16:27 - 000000000 ____D C:\data
2020-01-21 16:02 - 2020-01-21 16:02 - 000000000 ____D C:\Users\Public\Documents\iMyFone
2020-01-21 16:01 - 2020-01-21 16:01 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2020-01-21 15:47 - 2020-01-21 15:47 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2020-01-21 15:42 - 2020-01-21 15:42 - 000000000 ____D C:\Users\Michal\.android
2020-01-21 15:40 - 2020-01-21 16:27 - 000000000 ____D C:\adb
2020-01-21 13:35 - 2020-01-21 13:35 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000001015 _____ C:\Users\Public\Desktop\TAGRA.lnk
2020-01-21 13:35 - 2020-01-21 13:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAGRA 137
2020-01-21 13:34 - 2020-01-21 13:34 - 032868288 _____ C:\Users\Michal\Downloads\TAGRA_eu.zip
2020-01-20 11:39 - 2020-01-20 11:39 - 000006422 _____ C:\Users\Michal\Downloads\fa 2020003.pdf
2020-01-20 06:16 - 2020-01-20 06:16 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-20 06:16 - 2020-01-20 06:16 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:16 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-20 06:15 - 2020-01-20 06:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-20 06:15 - 2020-01-20 06:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-20 06:15 - 2020-01-20 06:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-20 06:11 - 2019-12-10 06:15 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-20 06:11 - 2019-12-10 05:59 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-01-18 09:38 - 2020-01-18 10:00 - 000024890 _____ C:\Users\Michal\Desktop\Loading schedule form_4.xlsx
2020-01-14 13:19 - 2020-01-14 13:19 - 000119203 _____ C:\Users\Michal\Downloads\FORESTRA - SK KI BRAND LKW.pdf
2020-01-07 15:46 - 2020-01-07 15:46 - 000043520 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČbezPD_2020+_k uveřejnění.xls
2020-01-07 15:46 - 2020-01-07 15:46 - 000034816 _____ C:\Users\Michal\Desktop\Přehled nabídek_PČ_2020+_k uveřejnění.xls
2020-01-07 15:45 - 2020-01-07 15:45 - 000039936 _____ C:\Users\Michal\Desktop\Přehled nabídek_LČsPD_2020+_k uveřejnění.xls
2020-01-03 17:16 - 2020-01-03 17:16 - 001396788 _____ C:\Users\Michal\Downloads\office 2016+activator věžně funguje (byvořech).rar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-22 06:27 - 2016-12-17 13:36 - 000000000 ____D C:\Users\Michal\Documents\Soubory aplikace Outlook
2020-01-22 06:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-22 06:12 - 2016-12-16 13:43 - 000000000 ____D C:\Users\Michal\Documents\Sharpdesk Desktop
2020-01-22 06:07 - 2019-07-02 15:22 - 000003534 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2020-01-22 06:05 - 2016-12-16 12:07 - 000000000 __SHD C:\Users\Michal\IntelGraphicsProfiles
2020-01-21 16:02 - 2019-08-27 08:09 - 000000000 ____D C:\Program Files\DIFX
2020-01-21 16:02 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-21 15:42 - 2019-07-02 15:17 - 000000000 ____D C:\Users\Michal
2020-01-21 15:32 - 2017-07-27 19:02 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-01-21 14:48 - 2019-07-02 15:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-21 14:08 - 2019-08-11 07:21 - 000011488 _____ C:\Users\Michal\Desktop\Sešit1.xlsx
2020-01-21 13:53 - 2017-12-19 06:09 - 000000000 ____D C:\Users\Michal\AppData\Local\Packages
2020-01-21 13:35 - 2016-12-17 14:18 - 000000000 ____D C:\Program Files (x86)\TAGRA.eu
2020-01-21 13:33 - 2019-08-27 08:17 - 000000000 ____D C:\ProgramData\firebird
2020-01-21 13:33 - 2018-07-07 13:08 - 000000000 ____D C:\Users\Michal\Documents\Nová složka
2020-01-21 13:33 - 2016-08-02 03:25 - 000000000 ___HD C:\OEM
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-20 16:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-20 10:16 - 2019-07-02 15:24 - 001695456 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-20 10:16 - 2019-03-19 12:57 - 000719670 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-20 10:16 - 2019-03-19 12:57 - 000145698 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-20 10:11 - 2019-07-02 15:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-20 10:11 - 2019-07-02 15:14 - 000514360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-20 06:52 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-20 06:52 - 2018-05-13 11:43 - 000041448 _____ C:\WINDOWS\system32\OV5670_REAR.aiqd
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-20 06:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-20 06:21 - 2016-12-16 13:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-20 06:18 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-20 06:18 - 2016-12-16 13:15 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-19 08:51 - 2016-12-17 12:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-01-19 08:30 - 2019-07-02 15:22 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2709589950-1360842280-2128968388-1001
2020-01-19 08:30 - 2019-07-02 15:17 - 000002372 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-19 08:30 - 2016-12-16 12:09 - 000000000 ___RD C:\Users\Michal\OneDrive
2020-01-17 14:51 - 2016-12-17 11:04 - 000053607 _____ C:\Users\Michal\Desktop\stepka.xlsx
2020-01-17 12:06 - 2016-12-23 14:17 - 000000000 ____D C:\WINDOWS\files
2020-01-14 12:22 - 2019-09-19 13:02 - 000013895 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie.xlsx
2020-01-14 12:21 - 2019-12-03 11:34 - 000012223 _____ C:\Users\Michal\Desktop\Tabuľka kompenzácie_ACTIV.xlsx
2020-01-14 06:16 - 2019-12-11 14:28 - 000000000 ____D C:\Users\Michal\Desktop\dynasty
2020-01-12 17:21 - 2017-10-19 12:00 - 000000000 ___RD C:\Users\Michal\Downloads\ISO2GOD
2020-01-12 17:10 - 2019-10-20 14:14 - 000000000 ____D C:\Program Files (x86)\FastShare
2020-01-10 13:37 - 2018-10-06 10:38 - 000000000 ____D C:\Users\Michal\Desktop\cina
2020-01-08 15:16 - 2018-12-12 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-01-08 06:19 - 2016-12-16 12:14 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-07 11:18 - 2017-01-19 14:32 - 000000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2020-01-05 11:52 - 2019-11-21 08:33 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-30 09:09 - 2016-12-17 10:54 - 000000000 ____D C:\Pracovni
2019-12-27 17:13 - 2017-09-27 05:45 - 000000000 ____D C:\Users\Michal\AppData\Roaming\IObit

==================== Files in the root of some directories ========

2017-07-12 07:13 - 2006-05-19 12:48 - 000034816 _____ () C:\Program Files\winbox.exe
2018-05-13 07:43 - 2018-05-13 07:43 - 000000210 _____ () C:\Users\Michal\AppData\Roaming\MICHAL.MTBF.txt
2018-05-13 07:45 - 2018-09-18 11:18 - 000004608 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-25 12:03 - 2017-07-25 12:03 - 000000084 _____ () C:\Users\Michal\AppData\Local\FSDownloader.err
2017-07-25 11:40 - 2017-07-25 17:32 - 000001080 _____ () C:\Users\Michal\AppData\Local\FSDownloader.nast
2017-09-16 09:14 - 2017-09-16 09:14 - 000007604 _____ () C:\Users\Michal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Nemáte zač a za příspěvek děkujeme. Potřeboval bych ale vidět obsah souboru fixlog.txt. Měl by být na ploše.

[Rudy]

Tentokrát to byl jiný ovladač. Chybu zkuste opravit podle tohoto návodu: https://www.wikifixes.com/cs/errors/dll ... gIulPD_BwE .

[jack68]

Diky prispevek 300 kc odeslan. Fixlog.txt na plose nemam jen frst a addition.txt

[Rudy]

My děkujeme za příspěvek a vy nemáte zač. Fixlog se vytvoří, jen se někdy sám neotevře. Je tam, kde jsou ostatní produkty FRST. Pokud ne, máte buď přeplněnou plochu, nebo jste ho smazal.

[jack68]

Zdravim
Nechapu. Dam jsem FRST na disk C: a fixlog nevyskocil. nevite cim to muze byt.

[Rudy]

Někdy se to stane. Soubor fixlog.txt po provedení fixování se ukládá do stejného adresáře, kde máte uložen FRST.